CVE-2016-1789

CVE Database · CVE-2016-1789

CVE-2016-1789

· N/AModified

CVSS v3.1

N/A

EPSS

0.94%

Published

Apr 5, 2016

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Apple iBooks Author before 2.4.1 allows remote attackers to read arbitrary files via an iBooks Author file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected Products (1)

apple · ibooks_authorvulnerable

References (4)

http://lists.apple.com/archives/security-announce/2016/Mar/msg00008.html

https://support.apple.com/kb/HT206224

Vendor Advisory

http://lists.apple.com/archives/security-announce/2016/Mar/msg00008.html

https://support.apple.com/kb/HT206224

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs