NotCVE - vendor:"Hitachi" product:"Cosminexus Application Server" version:"06_51_06_51

7 results (0.010 seconds)

CVSS: 9.8EPSS: 1%CPEs: 295EXPL: 0

CVE-2009-4776

https://notcve.org/view.php?id=CVE-2009-4776

21 Apr 2010 — Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors related to the use of GIF image processing APIs by a Java application, and a different issue from CVE-2007-3794. Desbordamiento de búfer en Hitachi Cosminexus V4 a la V8, Processing Kit para XML, y Developer's Kit para Ja... • http://osvdb.org/57834 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0

CVE-2007-4563

https://notcve.org/view.php?id=CVE-2007-4563

28 Aug 2007 — Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges. Cosminexus Manager en Cosminexus Application Server 06-50 y posteriores podrían asignar los permisos de grupos de usuario erroneamente a los procesos del servidor lógico J2EE, el cual permite a usuarios locales ganar privilegios. • http://osvdb.org/37854 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0

CVE-2007-4564

https://notcve.org/view.php?id=CVE-2007-4564

28 Aug 2007 — Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges. Cosminexus Manager en Cosminexus Application Server 07-00 y posteriores podrían asignar permisos de grupos de usuarios de forma incorrecta a procesos del servidor de lógica de usuario, el cual permite a usuarios locales ganar privilegios. • http://osvdb.org/37855 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2007-4124

https://notcve.org/view.php?id=CVE-2007-4124

01 Aug 2007 — The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges. La función de recuperación de sesión ante fallos en Cosminexus Component Container de Cosminexus 6, 6.7, y 7 anterior al 31/07/2007, como el usado en ... • http://osvdb.org/37852 •

CVSS: 10.0EPSS: 0%CPEs: 125EXPL: 0

CVE-2007-3794

https://notcve.org/view.php?id=CVE-2007-3794

15 Jul 2007 — Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. Desbordamiento de búfer en Hitachi Cosminexus V4 hasta V7, Processing Kit para XML versiones anteriores a 20070511, Developer's Kit para Java versiones anteriores a 20070312, y productos de terc... • http://osvdb.org/37851 •

CVSS: 7.8EPSS: 1%CPEs: 29EXPL: 0

CVE-2007-3626

https://notcve.org/view.php?id=CVE-2007-3626

09 Jul 2007 — Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. Vulnerabilidad no especificada en el demonio ADM en Hitachi TPBroker anterior a 20070706 permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de ciertas respuestas. • http://osvdb.org/37847 •

CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0

CVE-2007-0514

https://notcve.org/view.php?id=CVE-2007-0514

26 Jan 2007 — Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Hitachi Web Server, uCosminexus, y productos Cosminexus anteriores al 24/01/2007 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante (1) cabe... • http://osvdb.org/32997 •