On the iPhone, the SQLite database vulnerability can be accessed thanks to a known bug in iOS’s Contacts app that has existed for four years now without a fix.

Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite." "In short, we can gain control over anyone who queries our SQLite-controlled database," they continued.

Clever SQLite attack lets hackers get iOS persistence The idea is that vulnerabilities in how third-party apps read data from SQLite databases allows a third-party to hide malicious code in the ...

Creating and using an SQLite database for data persistence in Android apps. Covers the basics, as well as using foreign keys. Full source included.

SQLite is designed to be fast, portable, and reliable, whether you’re storing only kilobytes of data or multi-gigabyte blobs. We'll take a look at SQLite, including where and when to use it and ...

Researchers Show How SQLite Can Be Modified to Attack Apps New technique involves query hijacking to trigger a wide range of memory safety issues within the widely used database engine, Check ...

Apple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4.

Posted in Hackaday Columns, Security Hacks Tagged ios, openssl, sqlite, This Week in Security ← NVIDIA Power Cables Are Melting, This May Be Why ...

Apple uses SQLite to store contacts on the iPhone and some saved passwords on Macs. Check Point researchers did inform Apple of the issue in March and the company patched the flaw in May.