I think this CVE must be referring to a bug that allows an attacker to
cause a divide-by-zero by modifying the schema and then injecting an
SQL query of their own choosing. If so, that bug has been fixed in
the latest release. In fact, all known bugs have been fixed in the
On the other hand, I don't know of any mechanism on Windows Server
2012 by which an attacker can modify the schema of an SQLite database
and then inject arbitrary SQL. So it is not clear to me that this is
really a vulnerability.