Our team's security researcher @leonwxqian discovered a SQLite remote code execution vulnerability. This vulnerability can be triggered remotely by accessing a web page, affecting all software that uses Chromium or SQLite. Details can be found at https://blade.tencent.com/magellan/index_en.html ….
-
-
Cool discovery. But can you confirm that it really affect all software that uses SQLite? Chromium makes sense as most software using it probably allows attacker to execute some script or render arbitrary HTML, but SQLite?
1 reply 0 retweets 0 likes -
I'd imagine that it affects any software that uses SQLite, *and* in a way that allows an attacker to craft an arbitrary query (otherwise there's no attack vector). Which bizarrely includes Chromium (via Web SQL Database): https://caniuse.com/#feat=sql-storage … https://en.wikipedia.org/wiki/Web_SQL_Database …
2 replies 0 retweets 1 like -
Seems that way to me too. But this contradicts Tencent's claim that *all* apps using SQLite are affected.
1 reply 0 retweets 2 likes -
All apps using SQLite would technically *contain* the vulnerability. But if there's no attack vector to allow an attacker to perform the queries, then there's no way for an attacker to reach the vulnerability.
2 replies 1 retweet 4 likes -
This is a good example of the difficulty of having a database that can determine whether or not a product is vulnerable or not. With open-source apps, it's not too tricky to determine if an app statically or dynamically uses a library. But knowing *if* and *how* it's used...
1 reply 1 retweet 4 likes -
This Tweet is unavailable.
-
Not in Web SQL case: it's your own database you run SQL queries against. That shouldn't be a problem.
0 replies 0 retweets 1 like -
This Tweet is unavailable.
And the million dollar question is: What apps are designed in such a way?
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.