High severity7.8NVD Advisory· Published Jul 13, 2018· Updated Jun 17, 2026
CVE-2016-9487
CVE-2016-9487
Description
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim's trust relationship with other entities.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- EpubCheck/EpubCheckv5Range: 4.0.1
Patches
Vulnerability mechanics
References
2- www.kb.cert.org/vuls/id/779243nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/94864/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.