Lucene search

K
cvelistMitreCVELIST:CVE-2017-10989
HistoryJul 07, 2017 - 12:00 p.m.

CVE-2017-10989

2017-07-0712:00:00
mitre
www.cve.org
9
sqlite
rtree
heap-based buffer.

AI Score

9.7

Confidence

High

EPSS

0.009

Percentile

83.2%

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.