Description
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
Remediation
References
Related Vulnerabilities
OpenSSL DEPRECATED: Code Vulnerability (CVE-2015-0287)
MongoDb Uncontrolled Resource Consumption Vulnerability (CVE-2016-3104)
WordPress Plugin LearnPress-WordPress LMS Local File Inclusion (4.2.6.8.2)
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.5)
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-31216)