CVE-2016-10187
NONE EPSS 84.7%
Published Mar 16, 20179y ago · Modified Jun 17, 20262w ago
Published Mar 16, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
Threat Intelligence
EPSS Exploit Probability
84.7% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-264
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| calibre-ebook | calibre | * | ≤2.74.0 |
References 5
- openwall.com http://www.openwall.com/lists/oss-security/2017/01/29/8
- openwall.com http://www.openwall.com/lists/oss-security/2017/01/31/9
- securityfocus.com http://www.securityfocus.com/bid/95909
- bugs.launchpad.net https://bugs.launchpad.net/calibre/+bug/1651728
- github.com https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c
Remediation
- openwall.com http://www.openwall.com/lists/oss-security/2017/01/29/8
- openwall.com http://www.openwall.com/lists/oss-security/2017/01/31/9
- github.com https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c