Lucene search
MitreCVELIST:CVE-2018-7889HistoryMar 08, 2018 - 9:00 p.m.
CVE-2018-7889
2018-03-0821:00:00
mitre
www.cve.org
5
cve-2018-7889
calibre
remote execution
crafted file
pickle
python code
os.system call
EPSS
0.006
Percentile
79.5%
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
Related
nessus
nessus
Fedora 26 : calibre (2018-6143b1d911)
2018-03-28 00:00:00
Fedora 28 : calibre (2018-af8b2c28fe)
2019-01-03 00:00:00
Fedora 27 : calibre (2018-5649824f49)
2018-03-21 00:00:00
openvas
openvas
Fedora Update for calibre FEDORA-2018-6143b1d911
2018-03-28 00:00:00
Fedora Update for calibre FEDORA-2018-5649824f49
2018-03-21 00:00:00
Mageia: Security Advisory (MGASA-2018-0399)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: calibre-3.19.0-1.fc28
2018-03-30 13:30:32
[SECURITY] Fedora 27 Update: calibre-3.19.0-1.fc27
2018-03-20 18:26:26
[SECURITY] Fedora 26 Update: calibre-3.19.0-1.fc26
2018-03-27 19:30:43
ubuntucve
ubuntucve
CVE-2018-7889
2018-03-08 00:00:00
osv
osv
CVE-2018-7889
2018-03-08 21:29:00
archlinux
archlinux
[ASA-201803-8] calibre: arbitrary command execution
2018-03-11 00:00:00
prion
prion
Design/Logic Flaw
2018-03-08 21:29:00
mageia
mageia
Updated calibre packages fix security vulnerability
2018-10-19 21:00:37
debiancve
debiancve
CVE-2018-7889
2018-03-08 21:29:00
nvd
nvd
CVE-2018-7889
2018-03-08 21:29:00
redhatcve
redhatcve
CVE-2018-7889
2022-05-20 23:34:47
cve
cve
CVE-2018-7889
2018-03-08 21:29:00