CVE-2015-7036
Published: 22 November 2015
The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.
Notes
Author | Note |
---|---|
mdeslaur | as of 2016-01-08, no details. Probably Apple-specific. Marking as not-affected. |
Priority
Status
Package | Release | Status |
---|---|---|
sqlite Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
|
trusty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|
|
sqlite3 Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
|
trusty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|