1
PublicDateAtUSN: 2017-04-18
2
Candidate: CVE-2017-5661
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5661
6
http://www.openwall.com/lists/oss-security/2017/04/18/2
7
https://usn.ubuntu.com/usn/usn-3281-1
9
In Apache FOP before 2.2, files lying on the filesystem of the server which
10
uses FOP can be revealed to arbitrary users who send maliciously formed SVG
11
files. The file types that can be shown depend on the user context in which
12
the exploitable application is running. If the user is root a full
13
compromise of the server - including confidential or sensitive files -
14
would be possible. XXE can also be used to attack the availability of the
15
server via denial of service as the references within a xml document can
16
trivially trigger an amplification attack.
20
https://issues.apache.org/jira/browse/FOP-2668
22
Discovered-by: Pierre Ernst
26
upstream: http://svn.apache.org/r1769967
27
upstream: http://svn.apache.org/r1769968
28
upstream_fop: needs-triage
29
precise_fop: ignored (reached end-of-life)
30
precise/esm_fop: DNE (precise was needed)
31
trusty_fop: released (1:1.1.dfsg-2ubuntu1.1)
32
vivid/stable-phone-overlay_fop: DNE
33
vivid/ubuntu-core_fop: DNE
35
yakkety_fop: ignored (reached end-of-life)
36
zesty_fop: ignored (reached end-of-life)