All the vulnerabilites related to Hitachi, Ltd - uCosminexus ERP Integrator
jvndb-2007-001133
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus Component Container Session Handling Vulnerability
Details
The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user's session data to be used as aonther user's session data.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001133.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user\u0027s session data to be used as aonther user\u0027s session data.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001133.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server", "@product": "Cosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_collaboration", "@product": "Cosminexus Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_component_container", "@product": "Cosminexus Component Container", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer", "@product": "Cosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_erp_integrator", "@product": "Cosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_opentp1", "@product": "Cosminexus/OpenTP1", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:electronic_form_workflow", "@product": "Electronic Form Workflow", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:groupmax_collaboration", "@product": "Groupmax Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_collaboration", "@product": "uCosminexus Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator", "@product": "uCosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_opentp1", "@product": "uCosminexus/OpenTP1 ", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service", "@product": "uCosminexus Service", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "4.9", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-001133", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4124", "@id": "CVE-2007-4124", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4124", "@id": "CVE-2007-4124", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/26250", "@id": "SA26250", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/25145", "@id": "25145", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/35706", "@id": "35706", "@source": "XF" }, { "#text": "http://www.frsirt.com/english/advisories/2007/2725", "@id": "FrSIRT/ADV-2007-2725", "@source": "FRSIRT" } ], "title": "Cosminexus Component Container Session Handling Vulnerability" }
jvndb-2007-000700
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus javadoc Cross-Site Scripting Vulnerability
Details
The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000700.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000700.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java", "@product": "Cosminexus Developer\u0027s Kit for Java(TM)", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:electronic_form_workflow", "@product": "Electronic Form Workflow", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_client", "@product": "uCosminexus Client", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator", "@product": "uCosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_operator", "@product": "uCosminexus Operator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service", "@product": "uCosminexus Service", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000700", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4760", "@id": "CVE-2007-4760", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4760", "@id": "CVE-2007-4760", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/26671", "@id": "SA26671", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/25518", "@id": "25518", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/36393", "@id": "36393", "@source": "XF" }, { "#text": "http://www.frsirt.com/english/advisories/2007/3033", "@id": "FrSIRT/ADV-2007-3033", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)" } ], "title": "Cosminexus javadoc Cross-Site Scripting Vulnerability" }
jvndb-2007-000702
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities
Details
The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "The image-processing APIs in Cosminexus Developer\u0027s Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server", "@product": "Cosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_client", "@product": "Cosminexus Client ", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_collaboration", "@product": "Cosminexus Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer", "@product": "Cosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java", "@product": "Cosminexus Developer\u0027s Kit for Java(TM)", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_erp_integrator", "@product": "Cosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_opentp1", "@product": "Cosminexus/OpenTP1", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server", "@product": "Cosminexus Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_studio", "@product": "Cosminexus Studio", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:electronic_form_workflow", "@product": "Electronic Form Workflow", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:groupmax_collaboration", "@product": "Groupmax Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java", "@product": "Hitachi Developer\u0027s Kit for Java", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:processing_kit_for_xml", "@product": "Processing Kit for XML", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_client", "@product": "uCosminexus Client", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_collaboration", "@product": "uCosminexus Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator", "@product": "uCosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_opentp1", "@product": "uCosminexus/OpenTP1 ", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_operator", "@product": "uCosminexus Operator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service", "@product": "uCosminexus Service", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "7.5", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000702", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758", "@id": "CVE-2007-4758", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758", "@id": "CVE-2007-4758", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/26538", "@id": "SA26538", "@source": "SECUNIA" }, { "#text": "http://xforce.iss.net/xforce/xfdb/36618", "@id": "36618", "@source": "XF" }, { "#text": "http://www.frsirt.com/english/advisories/2007/3034", "@id": "FrSIRT/ADV-2007-3034", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-119", "@title": "Buffer Errors(CWE-119)" } ], "title": "Cosminexus Developer\u0027s Kit for Java Buffer Overflow and Denial of Service Vulnerabilities" }
jvndb-2007-000701
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities
Details
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server", "@product": "Cosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_client", "@product": "Cosminexus Client ", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_collaboration", "@product": "Cosminexus Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer", "@product": "Cosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java", "@product": "Cosminexus Developer\u0027s Kit for Java(TM)", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_erp_integrator", "@product": "Cosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_opentp1", "@product": "Cosminexus/OpenTP1", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server", "@product": "Cosminexus Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_studio", "@product": "Cosminexus Studio", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:electronic_form_workflow", "@product": "Electronic Form Workflow", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:groupmax_collaboration", "@product": "Groupmax Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java", "@product": "Hitachi Developer\u0027s Kit for Java", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:processing_kit_for_xml", "@product": "Processing Kit for XML", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_client", "@product": "uCosminexus Client", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_collaboration", "@product": "uCosminexus Collaboration", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator", "@product": "uCosminexus ERP Integrator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_opentp1", "@product": "uCosminexus/OpenTP1 ", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_operator", "@product": "uCosminexus Operator", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service", "@product": "uCosminexus Service", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "7.5", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000701", "sec:references": [ { "#text": "http://jvn.jp/cert/JVNTA07-022A/index.html", "@id": "JVNTA07-022A", "@source": "JVN" }, { "#text": "http://jvn.jp/tr/TRTA07-022A/index.html", "@id": "TRTA07-022A", "@source": "JVNTR" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3794", "@id": "CVE-2007-3794", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3794", "@id": "CVE-2007-3794", "@source": "NVD" }, { "#text": "http://www.us-cert.gov/cas/alerts/SA07-022A.html", "@id": "SA07-022A", "@source": "CERT-SA" }, { "#text": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html", "@id": "TA07-022A", "@source": "CERT-TA" }, { "#text": "http://secunia.com/advisories/26025", "@id": "SA26025", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/24905", "@id": "24905", "@source": "BID" }, { "#text": "http://xforce.iss.net/xforce/xfdb/36022", "@id": "36022", "@source": "XF" }, { "#text": "http://www.frsirt.com/english/advisories/2007/2534", "@id": "FrSIRT/ADV-2007-2534", "@source": "FRSIRT" } ], "title": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Buffer Overflow Vulnerabilities" }