[arch-security] [ASA-201504-5] java-batik: xml external entity injection
anthraxx at archlinux.org
Sat Apr 4 13:54:01 UTC 2015
Arch Linux Security Advisory ASA-201504-5
Date : 2015-04-04
CVE-ID : CVE-2015-0250
Package : java-batik
Type : xml external entity injection
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package java-batik before version 1.8-1 is vulnerable to xml
external entity injection.
Upgrade to 1.8-1.
# pacman -Syu "java-batik>=1.8-1"
The problem has been fixed upstream in version 1.8.
Batik offers several classes for SVG to PNG/JPG conversion, which suffer
from a XML External Entity Injection due to the evaluation of external
entities within the given SVG file. If an application offers the
possibility to upload a SVG file an attacker can put in a malicious
formed file and retrieve sensitive information such as the content of
files of the respective server. The type of file that can be retrieved
depends on the user context in which the application is running.
A remote attacker is able to use a specially crafted SVG file to read
arbitrary files or cause a denial of service.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the arch-security