svn commit: r385815 - head/security/vuxml

Jan Beich jbeich at FreeBSD.org
Fri May 8 18:42:32 UTC 2015 

Author: jbeich
Date: Fri May  8 18:42:31 2015
New Revision: 385815
URL: https://svnweb.freebsd.org/changeset/ports/385815

Log:
  VuXML: update sqlite3 entry with verbose descriptions. CVE-2015-341[4-6]
  
  PR:		199483

Modified:
  head/security/vuxml/vuln.xml   (contents, props changed)

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Fri May  8 18:40:37 2015	(r385814)
+++ head/security/vuxml/vuln.xml	Fri May  8 18:42:31 2015	(r385815)
@@ -610,15 +610,40 @@ Notes:
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
-	<p>Full Disclosure reports:</p>
-	<blockquote cite="http://seclists.org/fulldisclosure/2015/Apr/31">
-	  <p>use of uninitialized memory when parsing collation sequences</p>
-	  <p>bad free()</p>
-	  <p>stack buffer overflow</p>
+	<p>NVD reports:</p>
+	<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3414">
+	  <p>SQLite before 3.8.9 does not properly implement the
+	    dequoting of collation-sequence names, which allows
+	    context-dependent attackers to cause a denial of service
+	    (uninitialized memory access and application crash) or
+	    possibly have unspecified other impact via a crafted
+	    COLLATE clause, as demonstrated by COLLATE"""""""" at the
+	    end of a SELECT statement.</p>
+	</blockquote>
+	<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3415">
+	  <p>The sqlite3VdbeExec function in vdbe.c in SQLite before
+	    3.8.9 does not properly implement comparison operators,
+	    which allows context-dependent attackers to cause a denial
+	    of service (invalid free operation) or possibly have
+	    unspecified other impact via a crafted CHECK clause, as
+	    demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
+	  </p>
+	</blockquote>
+	<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3416">
+	  <p>The sqlite3VXPrintf function in printf.c in SQLite before
+	    3.8.9 does not properly handle precision and width values
+	    during floating-point conversions, which allows
+	    context-dependent attackers to cause a denial of service
+	    (integer overflow and stack-based buffer overflow) or
+	    possibly have unspecified other impact via large integers
+	    in a crafted printf function call in a SELECT statement.</p>
 	</blockquote>
       </body>
     </description>
     <references>
+      <cvename>CVE-2015-3414</cvename>
+      <cvename>CVE-2015-3415</cvename>
+      <cvename>CVE-2015-3416</cvename>
       <url>https://www.sqlite.org/src/info/eddc05e7bb31fae7</url>
       <url>https://www.sqlite.org/src/info/02e3c88fbf6abdcf</url>
       <url>https://www.sqlite.org/src/info/c494171f77dc2e5e</url>
@@ -627,6 +652,7 @@ Notes:
     <dates>
       <discovery>2015-04-14</discovery>
       <entry>2015-04-18</entry>
+      <modified>2015-05-08</modified>
     </dates>
   </vuln>

More information about the svn-ports-all mailing list