CVE-2015-0250 | Vulnerability Database | Aqua Security

XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.

Affected Software

Name	Vendor	Start Version	End Version
Ubuntu_linux	Canonical	12.04 (including)	12.04 (including)
Ubuntu_linux	Canonical	14.04 (including)	14.04 (including)
Ubuntu_linux	Canonical	14.10 (including)	14.10 (including)
Red Hat JBoss BPMS 6.1	RedHat	batik	*
Red Hat JBoss BPMS 6.2	RedHat	batik	*
Red Hat JBoss BRMS 6.1	RedHat	batik	*
Red Hat JBoss BRMS 6.2	RedHat	batik	*
Batik	Ubuntu	devel	*
Batik	Ubuntu	lucid	*
Batik	Ubuntu	precise	*
Batik	Ubuntu	trusty	*
Batik	Ubuntu	upstream	*
Batik	Ubuntu	utopic	*

References

http://advisories.mageia.org/MGASA-2015-0138.html
http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html
http://rhn.redhat.com/errata/RHSA-2016-0041.html
http://rhn.redhat.com/errata/RHSA-2016-0042.html
http://seclists.org/fulldisclosure/2015/Mar/142
http://www-01.ibm.com/support/docview.wss?uid=swg21963275
http://www.debian.org/security/2015/dsa-3205
http://www.mandriva.com/security/advisories?name=MDVSA-2015:203
http://www.securitytracker.com/id/1032781
http://www.ubuntu.com/usn/USN-2548-1
http://xmlgraphics.apache.org/security.html
http://advisories.mageia.org/MGASA-2015-0138.html
http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html
http://rhn.redhat.com/errata/RHSA-2016-0041.html
http://rhn.redhat.com/errata/RHSA-2016-0042.html
http://seclists.org/fulldisclosure/2015/Mar/142
http://www-01.ibm.com/support/docview.wss?uid=swg21963275
http://www.debian.org/security/2015/dsa-3205
http://www.mandriva.com/security/advisories?name=MDVSA-2015:203
http://www.securitytracker.com/id/1032781
http://www.ubuntu.com/usn/USN-2548-1
http://xmlgraphics.apache.org/security.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0250
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html