Description
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-5609 Vulnerability (CVE-2016-5609)
WebLogic CVE-2016-3510 Vulnerability (CVE-2016-3510)
Atlassian Jira CVE-2021-39122 Vulnerability (CVE-2021-39122)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.19)
WordPress Plugin Import any XML or CSV File to WordPress Pro Multiple Vulnerabilities (4.1.1)