Main Vulnerability Database Vulnerabilities #VU20866

Resource management error in SQLite - CVE-2016-6153

Published: September 4, 2019

Vulnerability identifier: #VU20866

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2016-6153

CWE-ID: CWE-399

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
SQLite

Software vendor:
SQLite

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack or gain access to sensitive information.

The vulnerability exists due to the application improperly implements the temporary directory search algorithm. A local user can make the application use the current working directory for storing temporary files and gain access to sensitive information or perform denial of service attack.

Remediation

Install updates from vendor's website.

External links

http://www.sqlite.org/cgi/src/info/67985761aa93fb61
https://www.sqlite.org/releaselog/3_13_0.html

Resource management error in SQLite - CVE-2016-6153

Description

Remediation

External links

Please verify you're human