CVE-2017-10989

The getNodeSize function in ext/rtree/rtree.c in SQLite before 3.11.0, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.

No comments yet.

Leave a Reply

Please leave these two fields as-is:

Protected by Invisible Defender. Showed 403 to 788,113 bad guys.