- Researchers discovered a use after free vulnerability in the window functions of SQLite.
- The CVE-2019-5018 flaw could allow remote code execution on affected devices.
- The flaw received a CVSS 3.0 score of 8.1 and impacts SQLite versions 3.26.0 and 3.27.0.
- The company addressed the issue by releasing SQLite version 3.28.
Security researchers have discovered a use after free vulnerability in the window functions of SQLite.
The flaw tracked as CVE-2019-5018 could be exploited by attackers to remotely execute code on the victim’s devices.
The vulnerability was discovered by security researchers at Cisco Talos, who said that “A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution.”
Attackers just need to send a malicious SQL command to trigger this vulnerability.
SQLite is a relational database management system contained in a C programming library and is the most widely deployed database in the world.
“SQLite implements the Window Functions feature of SQL which allows queries over a subset, or “window”, of rows. After parsing a SELECT statement that contains a window function, the SELECT statement is transformed using the sqlite3WindowRewrite function.”
Researchers discovered that, in implementing this function, SQLite reuses a deleted partition, which causes a use after free vulnerability and results in a denial of service.
If the attacker could control and access this memory, they could corrupt more data and remotely execute code on the affected device.
The flaw received a CVSS 3.0 score of 8.1 and impacts SQLite versions 3.26.0 and 3.27.0.
Researchers notified the company about the vulnerability in February, and the company addressed the issue by releasing SQLite version 3.28 in March.
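Because SQLite is embedded as a library, the fix only takes effect once each application is rebuilt or relinked against 3.28 or later. The following added example (not from Cisco Talos or the SQLite project) classifies version strings against the versions named in this article and checks the library the running Python interpreter is linked to. The inventory names are constructed, and treating unlisted releases between 3.26.0 and 3.28 as needing an upgrade is a conservative assumption.

```python
import re
import sqlite3

# Versions taken from the article above.
LISTED_AFFECTED = {(3, 26, 0), (3, 27, 0)}
FIXED_IN = (3, 28, 0)

def parse_version(text):
    """Turn '3.27.0', '3.28' or '3.8.11.1' into a 3-tuple of ints."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)?", text.strip())
    if not m:
        raise ValueError(f"not a SQLite version string: {text!r}")
    return tuple(int(g) if g else 0 for g in m.groups())

def classify(text):
    """Map a version string to a status for CVE-2019-5018."""
    v = parse_version(text)
    if v >= FIXED_IN:
        return "fixed"
    if v in LISTED_AFFECTED:
        return "affected"
    if min(LISTED_AFFECTED) < v < FIXED_IN:
        # Assumption: releases between the listed ones are not named in
        # the article, so flag them for upgrade rather than clear them.
        return "unlisted-in-range"
    return "not-listed"

def audit_runtime():
    """Check the SQLite library this interpreter actually loads."""
    conn = sqlite3.connect(":memory:")
    try:
        live = conn.execute("SELECT sqlite_version()").fetchone()[0]
    finally:
        conn.close()
    return {"linked": sqlite3.sqlite_version, "live": live,
            "status": classify(live)}

# Constructed inventory: application name -> bundled SQLite version.
SAMPLE_INVENTORY = {"billing-api": "3.27.0", "kiosk-app": "3.26.0",
                    "etl-worker": "3.27.2", "reporting": "3.28.0",
                    "legacy-agent": "3.8.11.1"}

def needs_upgrade(inventory):
    """Names whose bundled SQLite should move to the fixed release."""
    flagged = ("affected", "unlisted-in-range")
    return sorted(n for n, v in inventory.items() if classify(v) in flagged)

if __name__ == "__main__":
    print(audit_runtime())
    print(needs_upgrade(SAMPLE_INVENTORY))
```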