magellan 2.0

New SQLite Vulnerabilities Affect Many Applications

 

Exactly one year and a week after the disclosing of original Magellan 1.0 SQLite vulnerabilities, the same Tencent Blade Team has disclosed another batch of SQLite vulnerabilities named ‘Magellan 2.0’. As its predecessor this new  ‘Magellan 2.0’ infects all applications that use SQLite as a database engine. Improper validation of external SQL queries caused to these exploitation. As a result attackers allow to executing their malicious code through the SQL queries in the application.

SQLite is a famous relational database management system among the developers all over the world. Google Chrome, Mozilla Firefox, Windows 10, and many other well-known applications are utilized with SQLite.

Blog posted by “Tencent Blade” mentioned that “As a well-known database SQlite is widely used in all modern mainstream operating systems and softwares, so this vulnerability has a wide range of influence. SQLite and Google had confirmed and fixed these vulnerabilities. We will not disclose any details of the vulnerability this time and we are pushing other vendors to fix this vulnerability as soon as possible”.

To be exploitable, the application must allow direct input of row SQL commands. As Google Chrome uses an internal SQLite database to store various browser settings and user data, Tencent was able to remotely execute commands in Chrome as long as WebSQL was enabled in the browser. WebSQL is an API that translate JavaScript Code in to SQL commands to execute against database.

However ‘Tencent Blade’ has been reported these vulnerabilities to Google and SQLite on November 16th, 2019 and patches applied to SQLite on December 13th, 2019.Although  they suggest you to install the latest version of applications which are utilized with SQLite as an integrated component.


Leave a Reply

Your email address will not be published. Required fields are marked *