CVE-2016-6153
Description
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.032
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| C library that implements an SQL database engine (USN-2698-1) libsqlite3-0_3.8.2-1ubuntu2.2_i386.deb | Linux |
| C library that implements an SQL database engine (USN-2698-1) libsqlite3-0_3.8.2-1ubuntu2.2_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.11.0-1ubuntu1.2_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.11.0-1ubuntu1.2_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.22.0-1ubuntu0.1_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.22.0-1ubuntu0.1_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.24.0-1ubuntu0.1_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.24.0-1ubuntu0.1_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.27.2-2ubuntu0.1_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) sqlite3_3.27.2-2ubuntu0.1_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.11.0-1ubuntu1.2_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.11.0-1ubuntu1.2_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.22.0-1ubuntu0.1_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.22.0-1ubuntu0.1_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.24.0-1ubuntu0.1_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.24.0-1ubuntu0.1_amd64.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.27.2-2ubuntu0.1_i386.deb | Linux |
| C library that implements an SQL database engine (USN-4019-1) libsqlite3-0_3.27.2-2ubuntu0.1_amd64.deb | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsqlite3-0-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsqlite3-0-32bit-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsqlite3-0-debuginfo-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsqlite3-0-debuginfo-32bit-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) sqlite3-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) sqlite3-debuginfo-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:1945-1(SUSE Linux Enterprise Desktop 12-SP1 ) sqlite3-debugsource-3.8.10.2-3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2021-1(SUSE Linux Enterprise Server 11-SP4 ) libsqlite3-0-3.7.6.3-1.4.6.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2021-1(SUSE Linux Enterprise Server 11-SP4 ) libsqlite3-0-32bit-3.7.6.3-1.4.6.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2021-1(SUSE Linux Enterprise Server 11-SP4 ) sqlite3-3.7.6.3-1.4.6.1.x86_64.rpm | Linux |
| Improper Input Validation Vulnerability (CVE-2016-6153) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234