Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.2.2020.2398
Categoría:Huawei EulerOS Local Security Checks
Título:Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-2398)
Resumen:The remote host is missing an update for the Huawei EulerOS; 'sqlite' package(s) announced via the EulerOS-SA-2020-2398 advisory.
Descripción:Summary:
The remote host is missing an update for the Huawei EulerOS
'sqlite' package(s) announced via the EulerOS-SA-2020-2398 advisory.

Vulnerability Insight:
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.(CVE-2019-5827)

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).(CVE-2019-19923)

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls.(CVE-2019-19926)

SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.(CVE-2020-13434)

SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.(CVE-2020-13435)

Affected Software/OS:
'sqlite' package(s) on Huawei EulerOS V2.0SP2.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-5827
Bugtraq: 20190813 [SECURITY] [DSA 4500-1] chromium security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/19
Debian Security Information: DSA-4500 (Google Search)
https://www.debian.org/security/2019/dsa-4500
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/
https://security.gentoo.org/glsa/202003-16
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html
https://crbug.com/952406
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
SuSE Security Announcement: openSUSE-SU-2019:1666 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html
https://usn.ubuntu.com/4205-1/
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.