479 matches found
PT-2015-4542 · Apache +2 · Apache Batik +2
Name of the Vulnerable Software and Affected Versions: Apache Batik versions 1.x before 1.8 Description: The issue is related to an XML external entity XXE vulnerability in the SVG to PNG and JPG conversion classes. This allows remote attackers to read arbitrary files or cause a denial of service...
CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
UBUNTU-CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
CVE-2014-7016
The Mahasna Batik aka com.batik.mahasna application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The Mahasna Batik aka com.batik.mahasna application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7016
The Mahasna Batik aka com.batik.mahasna application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7016
The CVE-2014-7016 entry concerns the Mahasna Batik (com.batik.mahasna) Android app (version 1.0). The root cause is failure to verify X.509 certificates when establishing SSL connections, allowing man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific...
Squiggle 1.7 SVG Browser Java Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Squiggle 1.7 - SVG Browser Java Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Squiggle 1.7 SVG...
Squiggle 1.7 SVG Browser Java Code Execution
Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
Squiggle 1.7 SVG Browser Java Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Squiggle 1.7 SVG...
Squiggle 1.7 SVG Browser Java Code Execution
This module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted SVG file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: 1 It must support at least SVG version...
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
DEBIAN-CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
CVE-2005-0508
CVE-2005-0508 affects Batik’s Squiggle component prior to Batik 1.5.1. The vulnerability allows bypassing certain access controls via features of the Rhino JavaScript engine due to a script security issue. Root cause is tied to Rhino scripting security in Squiggle. Affected software is Batik (Squ...
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
Apache Batik Squiggle SVG browser protection bypass
No description provided...
[SA14336] Batik Squiggle Browser Unspecified Security Bypass
TITLE: Batik Squiggle Browser Unspecified Security Bypass SECUNIA ADVISORY ID: SA14336 VERIFY ADVISORY: http://secunia.com/advisories/14336/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Batik 1.x http://secunia.com/product/4685/ DESCRIPTION: A vulnerability h...