Odds are good that you don’t know the term SQLite. It is one of the most widely used database formats in the world. All of the Apple iOS devices running iOS 8 or later (that’s most of them) are vulnerable to this hack. Typically an iPhone reboot would resolve this, due to it’s search for “signatures”, but iOS trusts SQL databases. I suppose that might change in the near future. This proof of concept isn’t a threat at the moment, but because it’s a 4 year old find in vulnerability, someone leaked it… it’s likely to be leveraged quickly.

Tainted SQLite database can run malicious code inside other apps, such as web apps or Apple’s iMessage.

Found at www.zdnet.com

Skip to toolbar