Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Primary rating from Vendor (mitre) · only source for this CVE.
CVSS VectorVendor: mitre
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.
AnalysisAI
file import process of Comic Book Reader v1.0.95 contains a vulnerability that allows attackers to overwrite critical internal files, potentially leading to arbitrary code executi (CVSS 6.5).
Technical ContextAI
affects file import process of Comic Book Reader v1.0.95. An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.
Affected ProductsAI
Product: file import process of Comic Book Reader v1.0.95.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-73 – External Control of File Name or Path
View allShare
External POC / Exploit Code
Leaving vuln.today