cve/CVE-2019-9936.md at 3877a24e5dfa1e5207c3ff2cc1b39969dba74f43

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.

POC

Reference

https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Github

No PoCs found on GitHub currently.

779 B Raw Blame History

CVE-2019-9936

Description

POC

Reference

Github

779 B

Raw Blame History