Posted by Michal Zalewski on Apr 14

SQLite is probably the most popular embedded database in use today; it
is also known for being very well-tested and robust.

Because of its versatility, SQLite sometimes finds use as the
mechanism behind SQL-style query APIs that are exposed between
privileged execution contexts and less-trusted code. One example of
this is the WebDB / WebSQL mechanism available in some browsers; in
this setting, vulnerabilities in the SQLite parser can open up…