SQLite3 -- Tempdir Selection Vulnerability
KoreLogic security reports:
Affected versions of SQLite reject potential tempdir locations if
they are not readable, falling back to '.'. Thus, SQLite will favor
e.g. using cwd for tempfiles on such a system, even if cwd is an
unsafe location. Notably, SQLite also checks the permissions of
'.', but ignores the results of that check.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright