Vigil@nce - SQLite: database corruption using unsafe temporary folders
July 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can access to temporary files created by SQLite in
order to read or change the content of a protected database.
Impacted products: Debian, Fedora, SQLite.
Severity: 1/4.
Creation date: 04/07/2016.
DESCRIPTION OF THE VULNERABILITY
SQLite is an embedded database manager.
When the application does not specify where the library should
create temporary files, SQLite uses an internally fixed list of
candidate folders. However, the check for permissions of these
folders is wrong, so the library can create temporary files as the
ones used for transaction implementation, which will be readable
or writable by unauthorized process.
An attacker can therefore access to temporary files created by
SQLite in order to read or change the content of a protected
database.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/SQLite-database-corruption-using-unsafe-temporary-folders-20018