Hitachi: >> Ucosminexus Service Platform >> 07_10 Security Vulnerabilities
Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.037
Published
2007-09-08
Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.007
Published
2007-09-08
The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-09-08
Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges.
CVSS Score
4.4
EPSS Score
0.001
Published
2007-08-28
Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2007-08-28
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.
CVSS Score
10.0
EPSS Score
0.005
Published
2007-07-15