CVE-2019-13734: SQL Injection
An out of bounds write flaw was found in the SQLite component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=1025466
External References:
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Other sources
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in SQLite. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.
— IBM
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
— Launchpad
Affected Software
Remediation
Patch Available
Event History
Frequently Asked Questions
What is the severity of CVE-2019-13734?
CVE-2019-13734 is classified as a high severity vulnerability due to its potential to allow an attacker to execute arbitrary code.
What software is affected by CVE-2019-13734?
CVE-2019-13734 affects several versions of the Chromium browser and the SQLite component, among other software products.
How do I fix CVE-2019-13734?
To fix CVE-2019-13734, update to the latest version of the affected software, such as Chromium 79.0.3945.79 or the latest available SQLite versions.
What happens if I don't patch CVE-2019-13734?
If you do not patch CVE-2019-13734, your system may be vulnerable to exploitation which can lead to data breaches or unauthorized access.
How can I determine if my system is vulnerable to CVE-2019-13734?
You can determine if your system is vulnerable to CVE-2019-13734 by checking the version of the installed Chromium browser or SQLite and comparing it against the vulnerability definitions.