CVE-2016-10187

Опубликовано: 16 мар. 2017

Источник: debian

EPSS Низкий

Описание

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

Пакет	Статус	Версия исправления	Релиз	Тип
calibre	fixed	2.75.1+dfsg-1		package
calibre	no-dsa		jessie	package

Upstream report: https://launchpad.net/bugs/1651728
Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
https://www.openwall.com/lists/oss-security/2017/01/29/8

EPSS

Процентиль: 56%

0.00338

Низкий

CVE-2016-10187

CVSS3: 5.5

ubuntu

больше 8 лет назад

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

CVE-2016-10187

CVSS3: 5.5

nvd

больше 8 лет назад

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

GHSA-xwhv-5h8x-ff8f

CVSS3: 5.5

github

больше 3 лет назад

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

EPSS

Процентиль: 56%

0.00338

Низкий