WEB APPLICATION VULNERABILITIES Standard & Premium

Sqlite Improper Input Validation Vulnerability (CVE-2016-6153)

Description

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.

Remediation

References

Related Vulnerabilities

PrestaShop Files or Directories Accessible to External Parties Vulnerability (CVE-2020-5250)

Oracle JRE CVE-2018-2677 Vulnerability (CVE-2018-2677)

WordPress Plugin File Gallery Remote Code Execution (1.7.9)

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)

WordPress Plugin Advanced Classifieds & Directory Pro Security Bypass (1.6.2)

Severity

Medium

Classification

CVE-2016-6153 CWE-20 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Tags

Missing Update Known Vulnerabilities