SQLite Database Vulnerable
The Tencent Blade security team has discovered a vulnerability in the immensely popular open source SQLite database engine. Tencent is one of the three Chinese giants known as BAT (Baidu, Alibaba, and Tencent).
“This vulnerability can be triggered remotely, such as accessing a particular web page in a browser, or any scenario that can execute SQL statements,” said a Tencent blog post.
Because SQLite is one of the most widely used databases, touching all modern applications, this vulnerability affects a wide range of the user base.
According to ZDNet, “Firefox and Edge don't support this API, but the Chromium open-source browser engine does. This means that Chromium-based browsers like Google Chrome, Vivaldi, Opera, and Brave, are all affected.” That said, Firefox is affected because it comes with a locally accessible SQLite database, allowing it to be exploited locally, but not remotely.
Related content
-
News for Admins
New Zero-day Vulnerability in Windows Systems, New Systemd Vulnerability Affects Most Mainstream Linux Distributions, SQLite Database Vulnerable, Microsoft Can't Catch a Break from Vulnerabilities, Hacks Abound
- Viewing a JPEG File May Compromise iOS Devices
- New Zero-Day Vulnerability Affects All Windows Systems
-
News for Admins
News for system administrators around the world. - Redis Vulnerability Impacts Linux Servers