3 matches found
Updated calibre packages fix security vulnerability
Updated calibre package fixes security vulnerability: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...
Calibre Arbitrary Code Execution Vulnerability
Calibre is free and open source e-book management software. It provides functions such as formatting books and categorizing and organizing e-books. A security vulnerability exists in the gui2/viewer/bookmarkmanager.py file in Calibre version 3.18. The vulnerability can be exploited by...
Design/Logic Flaw
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...