Adobe.Digital.Editions.Epub.XXE.Information.Disclosure

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in multiple products.
The vulnerabilities is due to an error in the application when handling a crafted XML file. A remote attacker can exploit this to gain unauthorized access to sensitive information, via a crafted XML file.

affected-products-logoAffected Products

Adobe Systems Digital Editions prior to 4.5.3
Cisco Systems Evolved Programmable Network Manager prior to 3.1.6
Cisco Systems Prime Infrastructure prior to 3.1.6
Subsonic 6.1.1
Asus DSL-AC51
Asus DSL-AC52U
Asus DSL-AC55U
Asus DSL-N55U C1
Asus DSL-N55U D1
Asus DSL-AC56U
Asus DSL-N10_C1
Asus DSL-N12U C1
Asus DSL-N12E C1
Asus DSL-N14U
Asus DSL-N14U-B1
Asus DSL-N16
Asus DSL-N16U
Asus DSL-N17U
Asus DSL-N66U
Asus DSL-AC750

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-10 14.629 Severity:medium:high
2019-05-08 14.609 Name:XML.
External.
Entity.
Injection:Adobe.
Digital.
Editions.
Epub.
XXE.
Information.
Disclosure
2019-04-18 14.597 Sig Added

References

APSB16-45