ID
VAR-201001-0336
TITLE
Hitachi Multiple Products Image File Parsing Buffer Overflow Vulnerability
Trust: 0.3
DESCRIPTION
Multiple Hitachi products, including Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java, are prone to a buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | hitachi | model: | ucosminexus/opentp1 web front-end set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus service platform | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus service platform | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus service platform | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus service architect | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus service architect | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus service architect | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus portal framework entry set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus operator | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus operator | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus operator | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus navigation platform authoring license | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus navigation platform user license | scope: | eq | version: | -0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus navigation platform | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus navigation developer | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer standard | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer standard | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer standard | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer standard | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer professional | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer professional | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer professional | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer professional | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer light | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer light | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus developer light | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus collaboration server | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus client | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus client | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus client | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server standard version | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server standard | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server standard | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server standard | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server enterprise version | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server enterprise | scope: | eq | version: | 8 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server enterprise | scope: | eq | version: | 7 | Trust: 0.3 |
| vendor: | hitachi | model: | ucosminexus application server enterprise | scope: | eq | version: | 6.7 | Trust: 0.3 |
| vendor: | hitachi | model: | groupmax collaboration server | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | electronic form workflow standard set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | electronic form workflow set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | electronic form workflow professional set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | electronic form workflow professional library set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | electronic form workflow developer set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | electronic form workflow developer client set | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus studio web edition | scope: | eq | version: | 4 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus studio standard edition | scope: | eq | version: | 4 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus studio | scope: | eq | version: | 5 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus server web edition | scope: | eq | version: | 4 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus server standard edition | scope: | eq | version: | 4 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus developer light | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus developer | scope: | eq | version: | 5 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus client | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | hitachi | model: | cosminexus application server | scope: | eq | version: | 5.0 | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Boundary Condition Error
Trust: 0.3
EXTERNAL IDS
| db: | HITACHI | id: | HS09-019 | Trust: 0.3 |
| db: | BID | id: | 38000 | Trust: 0.3 |
REFERENCES
| url: | http://www.hitachi.com/index.html | Trust: 0.3 |
| url: | http://www.hitachi.co.jp/prod/comp/soft1/groupmax/product/suiteindex.html#coll | Trust: 0.3 |
| url: | http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs09-019/index.html | Trust: 0.3 |
CREDITS
The issue is reported by the vendor.
Trust: 0.3
SOURCES
| db: | BID | id: | 38000 |
LAST UPDATE DATE
2021-12-17T08:00:05.399000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 38000 | date: | 2010-01-29T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 38000 | date: | 2010-01-29T00:00:00 |