CVE-2018-7889

moderate-risk
Published 2018-03-08

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

Do I need to act?

!
10.9% chance of exploitation in next 30 days
EPSS score — higher than 89% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Calibre-Ebook

References (4)

Exploit https://bugs.launchpad.net/calibre/+bug/1753870
Patch https://github.com/kovidgoyal/calibre/commit/aeb5b036a0bf657951756688b3c72bd68b6...
Exploit https://bugs.launchpad.net/calibre/+bug/1753870
Patch https://github.com/kovidgoyal/calibre/commit/aeb5b036a0bf657951756688b3c72bd68b6...
40
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 11/34 · Low
Exposure 5/34 · Minimal