Exploiting a Single SQLite Vulnerability Across Multiple Software

Дата: 08.01.2020. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

SQLite is widely used as embedded database software for local/client storage in application software, such as web browsers and mobile applications. As a relational database, SQLite is vulnerable to SQL injection attack, which has been well-studied for a long time. Memory corruption bugs in SQLite are usually not considered security issues, since they are normally unlikely to be exploitable. In this talk, we will study several remotely exploitable memory corruption cases to show the dangerous attack surface in SQLite.

By Siji Feng & Zhi Zhou & Kun Yang

Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefings.html#many-birds-one-stone-exploiting-a-single-sqlite-vulnerability-across-multiple-software


Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *