BATIK-1018: "XML External Entities" vulnerability

    Details

    • Type: Bug
    • Status: Resolved
    • Resolution: Fixed
    • Affects Version/s: 1.8
    • Fix Version/s: 1.9
    • Component/s: Web Site
    • Labels:
      None
    • Environment:
      Operating System: All
      Platform: All

      Description

      During visualization with Squiggle or rasterization via the CLI tool, XML external entities defined in the DTD are dereferenced and the content of the target file is included in the output.

      The impact of this vulnerability ranges from denial of service to file disclosure. Under Windows, it can also be used to steal LM/NTLM hashes.

      For some additional information about XXE attacks, please refer to http://cwe.mitre.org/data/definitions/827.html

      How to reproduce:
      $> rasterizer xxe.svg -d xxe.png
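Worked example, added here and not part of the report or of Batik's code base: it shows the mechanism behind the reproduction step above. The parser reads the DTD, finds an external entity, and asks the application to resolve it; a resolver that simply opens whatever system identifier the document names splices the target file into the rendered text (file:// gives file disclosure, http:// gives the SSRF variant in ssrf.svg, and a UNC path on Windows is what leaks LM/NTLM hashes). The hardened variant refuses to dereference external entities at all. The payload is a constructed stand-in for the xxe.svg attachment (which is not reproduced here), the secret file is created by the script itself, and Python's stdlib expat binding stands in for whatever SAX parser the renderer uses; none of this reflects how Batik actually wired its parser before or after the fix.

```python
"""XXE during SVG rasterization: external entity declared in the DTD is
dereferenced by a naive resolver and rendered into the output.

Added example, not Batik's code. Uses Python's stdlib expat binding as a
stand-in for any SAX-style parser; payload and secret file are constructed.
"""
import os
import pathlib
import tempfile
import urllib.request
import xml.parsers.expat


class ExternalEntityBlocked(Exception):
    """Raised by the hardened parse when the document references an external entity."""


def build_xxe_svg(target_uri):
    """Constructed payload modelled on the reported xxe.svg: a DTD declaring an
    external entity and a <text> element referencing it, so the fetched content
    ends up as rendered text in the rasterized image."""
    return f'''<?xml version="1.0"?>
<!DOCTYPE svg [
  <!ENTITY xxe SYSTEM "{target_uri}">
]>
<svg xmlns="http://www.w3.org/2000/svg" width="600" height="100">
  <text x="10" y="50">&xxe;</text>
</svg>'''


def extract_text(svg, resolve_external_entities):
    """Parse the SVG and return its character data.

    resolve_external_entities=True models the vulnerable behaviour: the
    resolver opens the entity's system identifier and splices the content in.
    False models the fix: external entities are never dereferenced.
    """
    parser = xml.parsers.expat.ParserCreate()
    chunks = []

    def on_chars(data):
        chunks.append(data)

    def on_external_entity(context, base, system_id, public_id):
        if not resolve_external_entities:
            raise ExternalEntityBlocked(f"refusing external entity {system_id!r}")
        # Naive resolver: fetch whatever URI the document names (file://,
        # http://, ...) and parse the bytes as the entity's replacement text.
        with urllib.request.urlopen(system_id) as resp:
            replacement = resp.read()
        child = parser.ExternalEntityParserCreate(context)
        child.CharacterDataHandler = on_chars
        child.Parse(replacement, True)
        return 1  # tell expat the reference was handled

    parser.CharacterDataHandler = on_chars
    parser.ExternalEntityRefHandler = on_external_entity
    parser.Parse(svg, True)
    return "".join(chunks).strip()


def demo():
    """Create a stand-in secret file, parse the payload both ways, and return
    (text leaked by the vulnerable parse, whether the hardened parse refused)."""
    secret = "db_password=hunter2"  # constructed content, not a real credential
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as f:
        f.write(secret)
        path = f.name
    try:
        target = pathlib.Path(path).resolve().as_uri()  # file:///... on any OS
        svg = build_xxe_svg(target)
        leaked = extract_text(svg, resolve_external_entities=True)
        try:
            extract_text(svg, resolve_external_entities=False)
            blocked = False
        except ExternalEntityBlocked:
            blocked = True
        return leaked, blocked
    finally:
        os.unlink(path)


if __name__ == "__main__":
    leaked, blocked = demo()
    print("vulnerable parse rendered:", leaked)
    print("hardened parse refused the entity:", blocked)
```

The hardened variant rejects only external entity references rather than every DOCTYPE, because many legitimate SVG files carry a public DTD declaration; refusing the whole DOCTYPE would be the stricter but more breaking choice.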

        Attachments

        1. xxe.svg
          0.6 kB
          Nicolas GREGOIRE
        2. xxe.png
          125 kB
          Nicolas GREGOIRE
        3. ssrf.svg
          0.3 kB
          Lars Krapf

People

• Assignee: batik-dev@xmlgraphics.apache.org (Batik Developer's Mailing list)
• Reporter: nicolas.gregoire@agarri.fr (Nicolas GREGOIRE)
• Votes: 1
• Watchers: 4
