Hello, welcome to the Monday, December 17th, 2018 edition of the Sanss and at Storm Center's

Stormcast. My name is Johannes Ulrich, and I'm recording from Washington, D.C. Earlier this week,

the Tencent Blade Security team released an interesting vulnerability in SQLite. Now, SQLite is a very

ubiquitous tool. It's used in many, many different products. So a vulnerability in this

particular tool is quite serious. And we already have a proof of concept exploit out there that will crash Google Chrome.

So SQL Lite offers the ability to store structure data in small files and then provides SQL or a subset of the SQL query language to allow you to query this data.

Now, this vulnerability may go beyond Chrome and beyond browsers.

As far as browsers are concerned, currently Chrome, Safari, and Opera are supporting SQLite.

Now, the WebSQL database, this support is based on that particular standard.

It's actually no longer maintained and is sort of on its way out.

But there are many, many other tools that are using SQLite databases to maintain configuration

information or just to store random data.

So get ready for various vendors to patch their products in the next few weeks.

Of course, the browser is as usual of the biggest target here.

If exploited, this particular vulnerability could lead to code execution.

And if you are using a Logitech keyboard or mouse and you have the Logitech options software installed,

be careful it is possible for arbitrary webpages to send keystrokes to your system the reason

this vulnerability exists is that logitech options does implement a web socket server and does not

actually verify any data that's being sent to this service.

So any webpage can run JavaScript that will then send data to this WebSockets server.

And again, the WebSocket server does not actually check the origin of the data.

The only security feature appears to be that the attacker needs to know the process ID of the software.

...