#VU23794 Untrusted Pointer Dereference in SQLite - CVE-2019-19880


| Updated: 2020-01-22

Vulnerability identifier: #VU23794

Vulnerability risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-19880

CWE-ID: CWE-822

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SQLite
Server applications / Database software

Vendor: SQLite

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to invalid pointer dereference in exprListAppendList() function in window.c when processing constant integer values in ORDER BY clauses. A remote attacker with ability to interact with a query can execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SQLite: 3.25.0 - 3.30.1

External links
https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell Unity, Dell UnityVSA, and Dell Unity XT
Multiple vulnerabilities in Autodesk InfraWorks
Multiple vulnerabilities in Dell EMC VxRail Appliance
Multiple vulnerabilities in Dell EMC Data Protection Search
Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance
Multiple vulnerabilities in Siemens SINEC INS
SUSE update for sqlite3
SUSE update for sqlite3
Debian update for chromium
OpenSUSE Linux update for chromium, re2