Description
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
Remediation
References
Related Vulnerabilities
WordPress CVE-2017-1001000 Vulnerability (CVE-2017-1001000)
WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.3)
PHP Other Vulnerability (CVE-2001-0108)
SharePoint CVE-2020-1338 Vulnerability (CVE-2020-1338)
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.19)