bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/dos/18890.txt
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

18 lines
No EOL
681 B
Text
Raw Permalink Blame History

SVG is a XML-based file format for static or animated images. Some SVG
specifications (like SVG 1.1 and SVG Tiny 1.2) allow to trigger some
Java code when the SVG file is opened.
Given that I had to look at these features for a customer, I developed
some PoC codes which are now available online:
http://www.agarri.fr/docs/batik-evil.svg
http://www.agarri.fr/docs/batik-evil.jar
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18890.svg
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18890.jar
I published a more detailed article on my blog:
http://www.agarri.fr/blog/
Regards,
Nicolas Grégoire / @Agarri_FR
Reference in a new issue View git blame Copy permalink