Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
A buffer overflow condition exists when a product attempts to put more data in a buffer than it can hold, or when it attempts to put data in a memory area outside of the boundaries of a buffer. The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the product copies the buffer without restricting how much is copied. Other variants exist, but the existence of a classic overflow strongly suggests that the programmer is not considering even the most basic of security protections.
No known exploits
Common Attack Pattern Enumerations and Classifications
| CAPEC ID | Attack pattern |
|---|---|
| 10 | Buffer Overflow via Environment Variables |
| 14 | Client-side Injection-induced Buffer Overflow |
| 24 | Filter Failure through Buffer Overflow |
| 44 | Overflow Binary Resource File |
| 45 | Buffer Overflow via Symbolic Links |
| 46 | Overflow Variables and Tags |
| 47 | Buffer Overflow via Parameter Expansion |
| 67 | String Format Overflow in syslog() |
| 8 | Buffer Overflow in an API Call |
| 9 | Buffer Overflow in Local Command-Line Utilities |
| 92 | Forced Integer Overflow |