cvedb.io
CVE-2015-3416
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-04-24T17:59:02.363 · Last modified 2026-06-17T00:25:53.843

Summary

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

Affected products

canonical — ubuntu_linux

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.