header-logo
Suggest Exploit
vendor:
SQLite Browser
by:
Nishant Das Patnaik
7,5
CVSS
HIGH
DoS
20
CWE
Product Name: SQLite Browser
Affected Version From: 2.0b1
Affected Version To: 2.0b1
Patch Exists: No
Related CWE: N/A
CPE: sqlite_browser
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2/SP3 (x86), Vista (x86), Windows 7 (x64)
2009

SQLite Browser 2.0b1 Local DoS Vulnerability

A specially crafted SQL file query can cause the the application to freeze and finally crash. The bug is the SQL query processor engine, it can't handle malformed SQL queries leading to crash.

Mitigation:

Ensure that all SQL queries are properly validated and sanitized before being processed.
Source

Exploit-DB raw data:

# Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability
# Author: Nishant Das Patnaik
# Tested on: Windows XP SP2/SP3 (x86), Vista (x86), Windows 7 (x64)
# Code : A specially crafted SQL file query can cause the the application to freeze and finally crash. The bug is the SQL query processor engine, it can't handle malformed SQL queries leading to crash.

# PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11342.tar.gz (sqlite_browser_db_poc.tar.gz)

Navigation

Suggest Exploit

Services By CQR