CVE-2016-10187

NONE EPSS 84.7%
Published Mar 16, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 16, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

Threat Intelligence

EPSS Exploit Probability
84.7% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-264

Affected Products 1

VendorProductVersionRange
calibre-ebookcalibre* ≤2.74.0

References 5

  • openwall.com http://www.openwall.com/lists/oss-security/2017/01/29/8
    Mailing ListPatch
  • openwall.com http://www.openwall.com/lists/oss-security/2017/01/31/9
    Mailing ListPatch
  • securityfocus.com http://www.securityfocus.com/bid/95909
    Third Party Advisory
  • bugs.launchpad.net https://bugs.launchpad.net/calibre/+bug/1651728
    ExploitIssue Tracking
  • github.com https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c
    Patch

Remediation

  • openwall.com http://www.openwall.com/lists/oss-security/2017/01/29/8
    Mailing ListPatch
  • openwall.com http://www.openwall.com/lists/oss-security/2017/01/31/9
    Mailing ListPatch
  • github.com https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c
    Patch