Lucene search
Ubuntu.comUB:CVE-2015-7036HistoryNov 22, 2015 - 12:00 a.m.
CVE-2015-7036
2015-11-2200:00:00
ubuntu.com
ubuntu.com
9
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.035 Low
EPSS
Percentile
91.6%
The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and
OS X before 10.10.4, allows remote attackers to execute arbitrary code or
cause a denial of service (application crash) via a SQL command that
triggers an API call with a crafted pointer value in the second argument.
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2016-01-08, no details. Probably Apple-specific. Marking as not-affected. |
Related
prion
prion
Sql injection
2015-11-22 03:59:00
cvelist
cvelist
CVE-2015-7036
2015-11-22 02:00:00
zdi
zdi
SQLite fts3_tokenizer Untrusted Pointer Remote Code Execution Vulnerability
2015-11-18 00:00:00
nvd
nvd
CVE-2015-7036
2015-11-22 03:59:02
gentoo
gentoo
SQLite: Multiple vulnerabilities
2016-12-08 00:00:00
cve
cve
CVE-2015-7036
2015-11-22 03:59:02
nessus
nessus
GLSA-201612-21 : SQLite: Multiple vulnerabilities
2016-12-08 00:00:00
RHEL 7 : sqlite (Unpatched Vulnerability)
2024-06-03 00:00:00
Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)
2015-07-01 00:00:00
checkpoint_advisories
checkpoint_advisories
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Jul 2015)
2015-07-10 00:00:00
ibm
ibm
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.035 Low
EPSS
Percentile
91.6%
Related for UB:CVE-2015-7036