Batik
CVE-2017-5662
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.
AnalysisAI
In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.
Technical ContextAI
This vulnerability is classified as XML External Entity (XXE) (CWE-611), which allows attackers to read arbitrary files or perform SSRF through XML processing. In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack. Affected products include: Apache Batik. Version information: before 1.9.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Disable external entity processing in XML parsers, use JSON instead of XML where possible.
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before
In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the in
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript.16
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG.16. Rated high
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files usin
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external re
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru t
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today