Download
| Alert*
|
oval:org.secpod.oval:def:57845
The host is installed with Calibre version 3.18 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted .pickle file. Successful exploitation could allow remote attackers to execute arbitrary code via a crafted .pickle file. oval:org.secpod.oval:def:2000264 gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call. oval:org.secpod.oval:def:114205 Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the concept ... oval:org.secpod.oval:def:114155 Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the concept ... |
