Invalid Pointer Dereference in SQLite 3.30.1 due to Mishandling of Constant Integer Values in ORDER BY Clauses

Invalid Pointer Dereference in SQLite 3.30.1 due to Mishandling of Constant Integer Values in ORDER BY Clauses

CVE-2019-19880 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.