About the security content of iBooks Author 2.4.1 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

CVE-2016-1789

Apple iBooks Author before 2.4.1 allows remote attackers to read arbitrary files via an iBooks Author file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

CVE-2016-1789

CVE-2016-1789 affects Apple iBooks Author prior to 2.4.1. The issue is an XML External Entity (XXE) vulnerability in iBooks Author parsing that allows a malicious iBooks Author file to disclose arbitrary user files. The root cause involves an XML external entity declaration used alongside an enti...

About the security content of iBooks Author 2.4.1

About the security content of iBooks Author 2.4.1 This document describes the security content of iBooks Author 2.4.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases ar...