CVE-2018-20346 vulnerability in Google and Other Products
Published on December 21, 2018

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-20346

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-20346 are published in these products:

Google Chrome

SQLite

Debian Linux

OpenSuse Leap

Red Hat Linux

Exploit Probability

EPSS

13.21%

Percentile

94.03%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-20346 vulnerability in Google and Other ProductsPublished on December 21, 2018

Products Associated with CVE-2018-20346

Exploit Probability

CVE-2018-20346 vulnerability in Google and Other Products
Published on December 21, 2018