Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
SQLite 安全漏洞
Vulnerability Description
SQLite是SQLite开源的一款轻型的数据库,是遵守ACID的关系型数据库管理系统。 SQLite 3.44.4之前版本存在安全漏洞,该漏洞源于concat_ws函数中的整数溢出,可能导致堆缓冲区溢出和任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A