QwikSec

Security Database

CVE

CWE

Training

CVE-2016-6153

Published: Sep 26, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.tenable.com/security/tns-2016-20

openSUSE-SU-2016:2041

vendor-advisory

https://www.sqlite.org/releaselog/3_13_0.html

[oss-security] 20160701 Re: SQLite Tempdir Selection Vulnerability

mailing-list

vdb-entry

http://www.sqlite.org/cgi/src/info/67985761aa93fb61

FEDORA-2016-0138339b54

vendor-advisory

https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt

[oss-security] 20160701 SQLite Tempdir Selection Vulnerability

mailing-list

vendor-advisory

vendor-advisory

FEDORA-2019-49f80a78bc

vendor-advisory

[debian-lts-announce] 20230522 [SECURITY] [DLA 3431-1] sqlite security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.