CVE-2015-3416

2015-04-24T13:59:02
ID CVE-2015-3416
Type cve
Reporter NVD
Modified 2018-07-18T21:29:01

Description

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.