CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
Configurations

Configuration 1 (hide)

cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:a:tenable:nessus_agent:*:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:oracle:communications_design_studio:7.3.4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_design_studio:7.3.5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_design_studio:7.4.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update231:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update231:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*
cpe:2.3:o:oracle:zfs_storage_appliance:8.8:*:*:*:*:*:*:*

Information

Published : 2019-09-09 17:15

Updated : 2021-07-31 08:15


NVD link : CVE-2019-16168

Mitre link : CVE-2019-16168


JSON object : View

Products Affected

netapp

  • active_iq_unified_manager
  • santricity_unified_manager
  • oncommand_insight
  • e-series_santricity_os_controller
  • steelstore_cloud_integrated_storage
  • ontap_select_deploy_administration_utility
  • oncommand_workflow_automation

oracle

  • jdk
  • zfs_storage_appliance
  • communications_design_studio
  • solaris
  • outside_in_technology
  • jre
  • mysql

sqlite

  • sqlite

fedoraproject

  • fedora

canonical

  • ubuntu_linux

tenable

  • nessus_agent

debian

  • debian_linux
CWE
CWE-369

Divide By Zero