Podatność CVE-2009-4776


Publikacja: 2010-04-21   Modyfikacja: 2012-02-13

Opis:
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors related to the use of GIF image processing APIs by a Java application, and a different issue from CVE-2007-3794.

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
9.3/10
10/10
8.6/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Średnia
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
Hitachi -> Cosminexus/opentp1 web web front-endset 
Hitachi -> Processing kit for xml 
Hitachi -> Cosminexus application server 
Hitachi -> Ucosminexus/opentp1 web web front-endset 
Hitachi -> Cosminexus client 
Hitachi -> Ucosminexus application server 
Hitachi -> Cosminexus developer 
Hitachi -> Ucosminexus client 
Hitachi -> Cosminexus server 
Hitachi -> Ucosminexus collaboration 
Hitachi -> Cosminexus studio 
Hitachi -> Ucosminexus developer 
Hitachi -> Developer's kit for java 
Hitachi -> Ucosminexus operator 
Hitachi -> Electronic form workflow-developer client set 
Hitachi -> Ucosminexus service architect 
Hitachi -> Electronic form workflow-developer set 
Hitachi -> Ucosminexus service platform 
Hitachi -> Electronic form workflow-professional library set 
Hitachi -> Electronic form workflow-professional set 
Hitachi -> Electronic form workflow-standard set 
Hitachi -> Electronic form workflow set 
Hitachi -> Groupmax collaboration 
Hitachi -> Ibm xl c/c++ v7 for aix & hitachi developer's kit for java 
Hitachi -> Ibm xl c/c++ v8 for aix & hitachi developer's kit for java 

 Referencje:
http://www.vupen.com/english/advisories/2009/2574
http://www.securityfocus.com/bid/36309
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-014/index.html
http://secunia.com/advisories/36622
http://osvdb.org/57834

Copyright 2020, cxsecurity.com

 

Back to Top