Vulnerability CVE-2015-0250

Vulnerability CVE-2015-0250

Published: 2015-03-24

Description:

	Topic	Author	Date
High	Apache Batik Information Disclosure Vulnerability (XXE Injection)	Timo Schmid	22.03.2015

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.4/10	4.9/10	10/10

Affected software
Redhat -> Jboss enterprise brms platform
Canonical -> Ubuntu linux
Apache -> Batik

http://advisories.mageia.org/MGASA-2015-0138.html

http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html

http://rhn.redhat.com/errata/RHSA-2016-0041.html

http://rhn.redhat.com/errata/RHSA-2016-0042.html

http://seclists.org/fulldisclosure/2015/Mar/142

http://www-01.ibm.com/support/docview.wss?uid=swg21963275

http://www.debian.org/security/2015/dsa-3205

http://www.mandriva.com/security/advisories?name=MDVSA-2015:203

http://www.securitytracker.com/id/1032781

http://www.ubuntu.com/usn/USN-2548-1

http://xmlgraphics.apache.org/security.html