A vulnerability has been found in SQLite 3.26.0/3.27.0 and classified as critical. Affected by this vulnerability is the function sqlite3SelectPrep
of the file src/select.c of the component SQL Command Handler. The manipulation with an unknown input leads to a memory corruption vulnerability (Use-After-Free). The CWE definition for the vulnerability is CWE-416. As an impact it is known to affect confidentiality, integrity, and availability.
The weakness was released 05/09/2019 with Cisco Talos as TALOS-2019-0777 as confirmed vulnerability report (Website). The advisory is shared at talosintelligence.com. This vulnerability is known as CVE-2019-5018 since 01/04/2019. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Technical details and also a public exploit are known. The advisory points out:
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
After immediately, there has been an exploit disclosed. It is declared as proof-of-concept. It is possible to download the exploit at talosintelligence.com. The vulnerability was handled as a non-public zero-day exploit for at least 51 days. During that time the estimated underground price was around $5k-$25k.
Applying a patch is able to eliminate this problem. A possible mitigation has been published before and not just after the disclosure of the vulnerability.
Product
Name
CPE 2.3
CPE 2.2
CVSSv3
VulDB Meta Base Score: 7.7
VulDB Meta Temp Score: 7.0
VulDB Base Score:
7.3VulDB Temp Score:
6.6VulDB Vector:
🔒VulDB Reliability:
🔍Researcher Base Score: 8.1
Researcher Vector:
🔒CVSSv2
VulDB Base Score:
🔒VulDB Temp Score:
🔒VulDB Reliability:
🔍Exploiting
Class: Memory corruption / Use-After-Free (
CWE-416)
Local: No
Remote: Yes
Availability:
🔒Access: Public
Status: Proof-of-Concept
Download:
🔒Price Prediction:
🔍Current Price Estimation:
🔒Threat Intelligence
Threat:
🔍Adversaries:
🔍Geopolitics:
🔍Economy:
🔍Predictions:
🔍Remediation:
🔍Countermeasures
Recommended: Patch
Status:
🔍Reaction Time:
🔒0-Day Time:
🔒Exploit Delay Time:
🔍Timeline
01/04/2019 CVE assigned02/05/2019 Vendor informed
03/28/2019 Countermeasure disclosed
05/09/2019 Advisory disclosed05/09/2019 Exploit disclosed05/11/2019 VulDB entry created05/11/2019 VulDB last updateSources
Advisory:
TALOS-2019-0777Organization: Cisco Talos
Status: Confirmed
CVE:
CVE-2019-5018 (
🔒)
Entry
Created: 05/11/2019 03:04 AM
Complete:
🔍Lien vers l'article source