cve/CVE-2019-5018.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 17:22:02 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.

POC

Reference

http://packetstormsecurity.com/files/152809/Sqlite3-Window-Function-Remote-Code-Execution.html
http://packetstormsecurity.com/files/152809/Sqlite3-Window-Function-Remote-Code-Execution.html
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0777
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0777

Github

https://github.com/alphaSeclab/sec-daily-2019
https://github.com/fredrkl/trivy-demo

1.1 KiB Raw Blame History

CVE-2019-5018

Description

POC

Reference

Github

1.1 KiB

Raw Blame History