Vulnerability Details : CVE-2018-20506
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
Vulnerability category: OverflowExecute code
Products affected by CVE-2018-20506
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
- cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-20506
1.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-20506
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
8.1
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2
|
5.9
|
NIST |
CWE ids for CVE-2018-20506
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-20506
-
http://seclists.org/fulldisclosure/2019/Jan/69
Full Disclosure: APPLE-SA-2019-1-24-1 iTunes 12.9.3 for WindowsMailing List;Third Party Advisory
-
https://support.apple.com/kb/HT209443
About the security content of iOS 12.1.3 - Apple SupportThird Party Advisory
-
https://seclists.org/bugtraq/2019/Jan/39
Bugtraq: APPLE-SA-2019-1-24-1 iTunes 12.9.3 for WindowsMailing List;Third Party Advisory
-
https://support.apple.com/kb/HT209450
About the security content of iTunes 12.9.3 for Windows - Apple SupportThird Party Advisory
-
https://www.oracle.com/security-alerts/cpuapr2020.html
Oracle Critical Patch Update Advisory - April 2020
-
https://seclists.org/bugtraq/2019/Jan/29
Bugtraq: APPLE-SA-2019-1-22-6 iCloud for Windows 7.10Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2019/Jan/64
Full Disclosure: APPLE-SA-2019-1-22-1 iOS 12.1.3Mailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20190502-0004/
April 2019 SQLite Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://seclists.org/fulldisclosure/2019/Jan/66
Full Disclosure: APPLE-SA-2019-1-22-4 tvOS 12.1.2Mailing List;Third Party Advisory
-
https://usn.ubuntu.com/4019-1/
USN-4019-1: SQLite vulnerabilities | Ubuntu security notices
-
http://seclists.org/fulldisclosure/2019/Jan/68
Full Disclosure: APPLE-SA-2019-1-22-3 watchOS 5.1.3Mailing List;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
[SECURITY] [DLA 2340-1] sqlite3 security update
-
https://usn.ubuntu.com/4019-2/
USN-4019-2: SQLite vulnerabilities | Ubuntu security notices
-
https://seclists.org/bugtraq/2019/Jan/28
Bugtraq: APPLE-SA-2019-1-22-1 iOS 12.1.3Mailing List;Third Party Advisory
-
https://seclists.org/bugtraq/2019/Jan/32
Bugtraq: APPLE-SA-2019-1-22-3 watchOS 5.1.3Mailing List;Third Party Advisory
-
https://seclists.org/bugtraq/2019/Jan/33
Bugtraq: APPLE-SA-2019-1-22-4 tvOS 12.1.2Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2019/Jan/67
Full Disclosure: APPLE-SA-2019-1-22-6 iCloud for Windows 7.10Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2019/Jan/62
Full Disclosure: APPLE-SA-2019-1-22-2 macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 SierraMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/106698
SQLite 'FTS3' extension Remote Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
https://support.apple.com/kb/HT209447
About the security content of tvOS 12.1.2 - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT209448
About the security content of watchOS 5.1.3 - Apple SupportThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
[security-announce] openSUSE-SU-2019:1222-1: moderate: Security update fMailing List;Third Party Advisory
-
https://support.apple.com/kb/HT209451
About the security content of iCloud for Windows 7.10 - Apple SupportThird Party Advisory
-
https://seclists.org/bugtraq/2019/Jan/31
Bugtraq: APPLE-SA-2019-1-22-2 macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 SierraMailing List;Third Party Advisory
-
https://sqlite.org/src/info/940f2adc8541a838
SQLite: Check-in [940f2adc]Vendor Advisory
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
Security Bulletin - Policy Auditor update fixes multiple vulnerabilities in third-party libraries (CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2017-17740, CVE-2017-9287, CVE-2019-13057, CVE-2020-
-
https://support.apple.com/kb/HT209446
About the security content of macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra - Apple SupportThird Party Advisory
Jump to