Welcome to WebmasterWorld Guest from 34.207.78.157

Forum Moderators: open

remote-code execution hole in SQLite

Don't panic, just patch now

     
5:52 am on May 11, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:9714
votes: 925


Talos published a walkthrough, complete with examples of code highlighting precisely what the vuln is and how it exists. The fix is easy, up to a point: update your project or product to SQLite version 3.28, available on the SQLite website and then roll out the fix to your end users.
[theregister.co.uk...]

As always, maintain the latest updates possible.
9:03 am on May 11, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts: 2936
votes: 188


Its not major for most of us because you would need access to the DB or and SQL injection vulenratbility to exploit it.

The biggest problem is desktop and mobile apps updating, not websites,
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members