Lucene search
Redhat.comRH:CVE-2018-7889HistoryMay 20, 2022 - 11:34 p.m.
CVE-2018-7889
2022-05-2023:34:47
redhat.com
access.redhat.com
9
cve-2018-7889
calibre 3.18
bookmarkmanager.py
remote attackers
arbitrary code
crafted .pickle file
EPSS
0.006
Percentile
79.5%
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
Related
mageia
mageia
Updated calibre packages fix security vulnerability
2018-10-19 21:00:37
openvas
openvas
Fedora Update for calibre FEDORA-2018-5649824f49
2018-03-21 00:00:00
Mageia: Security Advisory (MGASA-2018-0399)
2022-01-28 00:00:00
Fedora Update for calibre FEDORA-2018-6143b1d911
2018-03-28 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: calibre-3.19.0-1.fc27
2018-03-20 18:26:26
[SECURITY] Fedora 26 Update: calibre-3.19.0-1.fc26
2018-03-27 19:30:43
[SECURITY] Fedora 28 Update: calibre-3.19.0-1.fc28
2018-03-30 13:30:32
prion
prion
Design/Logic Flaw
2018-03-08 21:29:00
archlinux
archlinux
[ASA-201803-8] calibre: arbitrary command execution
2018-03-11 00:00:00
cvelist
cvelist
CVE-2018-7889
2018-03-08 21:00:00
nessus
nessus
Fedora 27 : calibre (2018-5649824f49)
2018-03-21 00:00:00
Fedora 26 : calibre (2018-6143b1d911)
2018-03-28 00:00:00
Fedora 28 : calibre (2018-af8b2c28fe)
2019-01-03 00:00:00
cve
cve
CVE-2018-7889
2018-03-08 21:29:00
debiancve
debiancve
CVE-2018-7889
2018-03-08 21:29:00
nvd
nvd
CVE-2018-7889
2018-03-08 21:29:00
ubuntucve
ubuntucve
CVE-2018-7889
2018-03-08 00:00:00
osv
osv
CVE-2018-7889
2018-03-08 21:29:00