Description

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

Remediation

References

CVE-2017-15286

Related Vulnerabilities

Plone CMS CVE-2012-5503 Vulnerability (CVE-2012-5503)

WordPress Plugin MM Forms Community 'edit_details.php' SQL Injection (1.2.3)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)

WordPress Other Vulnerability (CVE-2006-0733)

phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9849)

Severity

High

Classification

CVE-2017-15286 CWE-476 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities