CVE-2015-0250

NONECVSS 0.0

0.0

XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.

🔗 References (22)

secalert@redhathttp://advisories.mageia.org/MGASA-2015-0138.html
secalert@redhathttp://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2016-0041.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2016-0042.html
secalert@redhathttp://seclists.org/fulldisclosure/2015/Mar/142
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=swg21963275
secalert@redhathttp://www.debian.org/security/2015/dsa-3205
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2015:203
secalert@redhathttp://www.securitytracker.com/id/1032781
secalert@redhathttp://www.ubuntu.com/usn/USN-2548-1
secalert@redhathttp://xmlgraphics.apache.org/security.html
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2015-0138.html
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-0041.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-0042.html

Is Your Infrastructure Affected by CVE-2015-0250?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-0250

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-0250?