Home

CVE-2016-10187

Description

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.39

Associated Vulnerability

VulnerabilityOS Platform
Upgrade Calibre (x64) 2.74.0 to latest versionWindows
Upgrade calibre 2.74.0 to latest versionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-342947Calibre (x64) (7.21.0)
PATCH-325330Calibre (5.44.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234