CVE-2015-3416

2015-04-24T17:59:00
ID CVE-2015-3416
Type cve
Reporter cve@mitre.org
Modified 2018-07-19T01:29:00

Description

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.