CVE-2016-9487 (GCVE-0-2016-9487)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-06 02:50
VLAI?
Summary
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim's trust relationship with other entities.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
Thanks to Craig Arendt for reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#779243",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/779243"
},
{
"name": "94864",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/94864/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EpubCheck",
"vendor": "EpubCheck",
"versions": [
{
"status": "affected",
"version": "4.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Craig Arendt for reporting this vulnerability."
}
],
"datePublic": "2016-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim\u0027s trust relationship with other entities."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-13T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#779243",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/779243"
},
{
"name": "94864",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/94864/"
}
],
"solutions": [
{
"lang": "en",
"value": "EpubCheck has released version 4.0.2 to address the vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-9487",
"STATE": "PUBLIC",
"TITLE": "EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EpubCheck",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "4.0.1",
"version_value": "4.0.1"
}
]
}
}
]
},
"vendor_name": "EpubCheck"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Craig Arendt for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim\u0027s trust relationship with other entities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#779243",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/779243"
},
{
"name": "94864",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/94864/"
}
]
},
"solution": [
{
"lang": "en",
"value": "EpubCheck has released version 4.0.2 to address the vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-9487",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2016-11-21T00:00:00",
"dateUpdated": "2024-08-06T02:50:38.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:w3:epubcheck:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2959FEA5-E159-49D6-82D2-7571083FA262\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim\u0027s trust relationship with other entities.\"}, {\"lang\": \"es\", \"value\": \"EpubCheck 4.0.1 no restringe correctamente la resoluci\\u00f3n de entidades externas al analizar XML en archivos EPUB durante la validaci\\u00f3n. Un atacante que proporciona un archivo EPUB especialmente manipulado podr\\u00eda ser capaz de explotar este comportamiento para leer archivos arbitrarios o hacer que la v\\u00edctima ejecute peticiones arbitrarias en su nombre, abusando de la relaci\\u00f3n de confianza de la v\\u00edctima con otras entidades.\"}]",
"id": "CVE-2016-9487",
"lastModified": "2024-11-21T03:01:18.603",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2018-07-13T20:29:01.520",
"references": "[{\"url\": \"https://www.kb.cert.org/vuls/id/779243\", \"source\": \"cret@cert.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.securityfocus.com/bid/94864/\", \"source\": \"cret@cert.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/779243\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.securityfocus.com/bid/94864/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cret@cert.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-611\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-611\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9487\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2018-07-13T20:29:01.520\",\"lastModified\":\"2024-11-21T03:01:18.603\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim\u0027s trust relationship with other entities.\"},{\"lang\":\"es\",\"value\":\"EpubCheck 4.0.1 no restringe correctamente la resoluci\u00f3n de entidades externas al analizar XML en archivos EPUB durante la validaci\u00f3n. Un atacante que proporciona un archivo EPUB especialmente manipulado podr\u00eda ser capaz de explotar este comportamiento para leer archivos arbitrarios o hacer que la v\u00edctima ejecute peticiones arbitrarias en su nombre, abusando de la relaci\u00f3n de confianza de la v\u00edctima con otras entidades.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w3:epubcheck:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2959FEA5-E159-49D6-82D2-7571083FA262\"}]}]}],\"references\":[{\"url\":\"https://www.kb.cert.org/vuls/id/779243\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.securityfocus.com/bid/94864/\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/779243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.securityfocus.com/bid/94864/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…