cve/CVE-2015-0250.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.

POC

Reference

http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html
http://seclists.org/fulldisclosure/2015/Mar/142

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/DingyShark/BurpSuiteCertifiedPractitioner
https://github.com/yuriisanin/svg2raster-cheatsheet

893 B Raw Blame History

CVE-2015-0250

Description

POC

Reference

Github

893 B

Raw Blame History