Vulnerability CVE-2009-4776


Published: 2010-04-21   Modified: 2012-02-13

Description:
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors related to the use of GIF image processing APIs by a Java application. This is a different issue from CVE-2007-3794.

Type:
CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10

Exploit range: Remote
Attack complexity: Medium
Authentication: Not required

Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Affected software
Hitachi -> Ibm xl c/c++ v8 for aix & hitachi developer's kit for java 
Hitachi -> Cosminexus/opentp1 web front-end set
Hitachi -> Processing kit for xml 
Hitachi -> Cosminexus application server 
Hitachi -> Ucosminexus/opentp1 web front-end set
Hitachi -> Cosminexus client 
Hitachi -> Ucosminexus application server 
Hitachi -> Cosminexus developer 
Hitachi -> Ucosminexus client 
Hitachi -> Cosminexus server 
Hitachi -> Ucosminexus collaboration 
Hitachi -> Cosminexus studio 
Hitachi -> Ucosminexus developer 
Hitachi -> Developer's kit for java 
Hitachi -> Ucosminexus operator 
Hitachi -> Electronic form workflow-developer client set 
Hitachi -> Ucosminexus service architect 
Hitachi -> Electronic form workflow-developer set 
Hitachi -> Ucosminexus service platform 
Hitachi -> Electronic form workflow-professional library set 
Hitachi -> Electronic form workflow-professional set 
Hitachi -> Electronic form workflow-standard set 
Hitachi -> Electronic form workflow set 
Hitachi -> Groupmax collaboration 
Hitachi -> Ibm xl c/c++ v7 for aix & hitachi developer's kit for java 

 References:
http://www.vupen.com/english/advisories/2009/2574
http://www.securityfocus.com/bid/36309
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-014/index.html
http://secunia.com/advisories/36622
http://osvdb.org/57834

Copyright 2024, cxsecurity.com
