CVE-2015-0250
batik: XML External Entity (XXE) injection in SVG parsing
- Severity Score
- Exploit Likelihood
- Affected Versions
- Public Exploits: 1
- Exploited in Wild: -
- Decision: -
Descriptions
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
XML external entity (XXE) vulnerability in the Scalable Vector Graphics (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted Scalable Vector Graphics file.
It was found that batik was vulnerable to XML External Entity attacks when parsing SVG files. A remote attacker able to send malicious SVG content to the affected server could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2014-11-18 CVE Reserved
- 2015-03-23 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-611: Improper Restriction of XML External Entity Reference
CAPEC
References (13)
URL | Tag | Date |
---|---|---|
http://advisories.mageia.org/MGASA-2015-0138.html | X_refsource_confirm | |
http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html | X_refsource_misc | |
http://www-01.ibm.com/support/docview.wss?uid=swg21963275 | X_refsource_confirm | |
http://www.securitytracker.com/id/1032781 | Vdb Entry | |
http://seclists.org/fulldisclosure/2015/Mar/142 | | 2024-08-06 |
http://www.ubuntu.com/usn/USN-2548-1 | | 2017-11-04 |
http://rhn.redhat.com/errata/RHSA-2016-0041.html | | 2017-11-04 |
http://rhn.redhat.com/errata/RHSA-2016-0042.html | | 2017-11-04 |
http://www.debian.org/security/2015/dsa-3205 | | 2017-11-04 |
http://www.mandriva.com/security/advisories?name=MDVSA-2015:203 | | 2017-11-04 |
http://xmlgraphics.apache.org/security.html | | 2017-11-04 |
https://access.redhat.com/security/cve/CVE-2015-0250 | | 2016-01-14 |
https://bugzilla.redhat.com/show_bug.cgi?id=1203762 | | 2016-01-14 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Canonical | Ubuntu Linux | 12.04 | lts | Affected |
Canonical | Ubuntu Linux | 14.04 | lts | Affected |
Canonical | Ubuntu Linux | 14.10 | - | Affected |
Apache | Batik | <= 1.7 | - | Affected |
Redhat | Jboss Enterprise Brms Platform | <= 6.1.2 | - | Affected |