Description
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
Remediation
References
Related Vulnerabilities
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.8)
WordPress Custom Global Variable Unspecified Vulnerability (3.0.0)
Lighttpd Other Vulnerability (CVE-2005-0453)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10202)
TheCartPress eCommerce Shopping Cart Multiple Vulnerabilities (1.5.3.6)