NotCVE - vendor:"Hitachi" product:"Ucosminexus Application Server" version:"07

8 results (0.008 seconds)

CVSS: 9.3EPSS: 1%CPEs: 295EXPL: 0

CVE-2009-4776

https://notcve.org/view.php?id=CVE-2009-4776

Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors related to the use of GIF image processing APIs by a Java application, and a different issue from CVE-2007-3794. Desbordamiento de búfer en Hitachi Cosminexus V4 a la V8, Processing Kit para XML, y Developer's Kit para Java, usado en productos como uCosminexus, Electronic Form Workflow, Groupmax, e IBM XL C/C++ Enterprise Edition 7 y 8, permite a atacantes remotos tener un impacto desconocido a través de vectores relacionados con el uso del procesamiento de imágenes GIF mediante APIs para aplicaciones Java. Cuestión distinta del CVE-2007-3794. • http://osvdb.org/57834 http://secunia.com/advisories/36622 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-014/index.html http://www.securityfocus.com/bid/36309 http://www.vupen.com/english/advisories/2009/2574 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 65EXPL: 0

CVE-2007-4760

https://notcve.org/view.php?id=CVE-2007-4760

The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503. La herramienta javadoc del Kit para Java: Cosminexus Developer's de Cosminexus 7 y 7.5 puede generar documentos HTML que contienen vulnerabilidades de secuencias de comandos en sitios cruzados (XSS), lo cual permite a atacantes remotos inyectar scripts web o HTML de su elección mediante vectores no especificados. NOTA: esto es probablemente idéntico a CVE-2007-3503. • http://secunia.com/advisories/26671 http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html http://www.securityfocus.com/bid/25518 http://www.vupen.com/english/advisories/2007/3033 https://exchange.xforce.ibmcloud.com/vulnerabilities/36393 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 1%CPEs: 56EXPL: 0

CVE-2007-4759

https://notcve.org/view.php?id=CVE-2007-4759

Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors. Múltiples vulnerabilidades no especificadas en las APIs image-processing del Kit para Java: Cosminexus Developer's de Cosminexus 4 hasta 7 permiten a atacantes remotos provocar una denegación de servicio mediante vectores no especificados. • http://osvdb.org/37858 http://secunia.com/advisories/26538 http://www.hitachi-support.com/security_e/vuls_e/HS07-028_e/index-e.html http://www.vupen.com/english/advisories/2007/3034 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 3%CPEs: 56EXPL: 0

CVE-2007-4758

https://notcve.org/view.php?id=CVE-2007-4758

Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en las APIs image-processing del Kit para Java: Cosminexus Developer's de Cosminexus 4 hasta 7 permiten a atacantes remotos provocar una denegación de servicio ó ejecutar código de su elección mediante vectores no especificados. • http://osvdb.org/37857 http://secunia.com/advisories/26538 http://www.hitachi-support.com/security_e/vuls_e/HS07-028_e/index-e.html http://www.vupen.com/english/advisories/2007/3034 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.6EPSS: 0%CPEs: 95EXPL: 0

CVE-2007-4564

https://notcve.org/view.php?id=CVE-2007-4564

Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges. Cosminexus Manager en Cosminexus Application Server 07-00 y posteriores podrían asignar permisos de grupos de usuarios de forma incorrecta a procesos del servidor de lógica de usuario, el cual permite a usuarios locales ganar privilegios. • http://osvdb.org/37855 http://secunia.com/advisories/26589 http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html http://www.securityfocus.com/bid/25434 https://exchange.xforce.ibmcloud.com/vulnerabilities/36245 • CWE-264: Permissions, Privileges, and Access Controls •

1 2