Stephen Lombardo

1 exploit Active since Mar 2021
CVE-2021-3119 WRITEUP HIGH WRITEUP
Zetetic SQLCipher 4.0-4.4.2 - Denial of Service via Crafted SQL Command Sequence
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command sequence, which causes a segmentation fault.
CVSS 7.5