Sign-up

ID

VAR-201011-0301


TITLE

Hitachi Multiple Groupmax Product Unknown Buffer Overflow Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2010-2860

DESCRIPTION

The Hitachi Groupmax client product has vulnerabilities that allow malicious users to conduct denial of service attacks or execute arbitrary code. An unknown error when processing a file can cause a buffer overflow. Successful exploitation of the vulnerability could execute arbitrary code in the application security context. Multiple Hitachi Groupmax products are prone to an unspecified buffer-overflow vulnerability. Successful exploits will compromise the application and possibly the underlying system. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Hitachi Groupmax Client Products Unspecified Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42303 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42303/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42303 RELEASE DATE: 2010-11-17 DISCUSS ADVISORY: http://secunia.com/advisories/42303/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42303/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42303 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple Hitachi Groupmax Client products, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. Please see the vendor's advisory for the list of affected products. SOLUTION: Apply patches. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HS10-028: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-028/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 0.9

sources: CNVD: CNVD-2010-2860 // BID: 44906 // PACKETSTORM: 95923

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-2860

AFFECTED PRODUCTS

vendor:hitachimodel:groupmax client light exscope: - version: -

Trust: 0.6

vendor:hitachimodel:groupmax integrated desktopscope: - version: -

Trust: 0.6

vendor:hitachimodel:groupmax client lightscope: - version: -

Trust: 0.6

vendor:hitachimodel:groupmax world wide web desktopscope: - version: -

Trust: 0.6

vendor:hitachimodel:groupmax world wide web desktopscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:groupmax integrated desktopscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:groupmax groupware clientscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:groupmax client light exscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:groupmax client lightscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2010-2860 // BID: 44906

THREAT TYPE

network

Trust: 0.3

sources: BID: 44906

TYPE

Boundary Condition Error

Trust: 0.3

sources: BID: 44906

PATCH

title:Patch for Hitachi Multiple Groupmax Product Unknown Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/1774

Trust: 0.6

sources: CNVD: CNVD-2010-2860

EXTERNAL IDS

db:BIDid:44906

Trust: 0.9

db:SECUNIAid:42303

Trust: 0.8

db:CNVDid:CNVD-2010-2860

Trust: 0.6

db:HITACHIid:HS10-028

Trust: 0.4

db:PACKETSTORMid:95923

Trust: 0.1

sources: CNVD: CNVD-2010-2860 // BID: 44906 // PACKETSTORM: 95923

REFERENCES

url:http://secunia.com/advisories/42303/

Trust: 0.7

url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs10-028/index.html

Trust: 0.4

url:http://www.hitachi.com/index.html

Trust: 0.3

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42303

Trust: 0.1

url:http://secunia.com/products/corporate/evm/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/products/corporate/vim/

Trust: 0.1

url:http://secunia.com/advisories/42303/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2010-2860 // BID: 44906 // PACKETSTORM: 95923

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 44906

SOURCES

db:CNVDid:CNVD-2010-2860
db:BIDid:44906
db:PACKETSTORMid:95923

LAST UPDATE DATE

2022-05-17T02:02:41.983000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2010-2860date:2010-11-18T00:00:00
db:BIDid:44906date:2010-11-17T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2010-2860date:2010-11-18T00:00:00
db:BIDid:44906date:2010-11-17T00:00:00
db:PACKETSTORMid:95923date:2010-11-17T04:02:08