Zetetic SQLCipher 4.x prior to 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an malicious user to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command sequence, which causes a segmentation fault.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zetetic sqlcipher |