EUVD-2016-10293

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-9487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially...

CVE-2016-9487

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf...

CVE-2016-9487

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf...

CVE-2016-9487

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf...

Xxe

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf...

CVE-2016-9487 EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf...

CVE-2016-9487

Summary of CVE-2016-9487 (EpubCheck 4.0.1): The vulnerability arises from improper restriction of XML External Entities (XXE) when parsing XML in EPUBs during validation, allowing a specially crafted EPUB to read arbitrary files or cause the victim to issue arbitrary requests leveraging trust rel...

XML External Entity (XXE)

EpubCheck is vulnerable to XML External Entities. A malicious user can pass a malicious EPUB file to read information from the system, access the internal network or cause a denial of service within the application...

EpubCheck 4.0.1 contains a XML external entity processing vulnerability

Overview EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks. Description EpubCheck is a tool to validate that EPUB files follow the proper format. It can be used as a stand alone command line utility, or included in a project most commonly being epub readers as a...