CWE
NVD-CWE-Other 119
Advisory Published
Updated

CVE-2007-3794: Buffer Overflow

First published: Sun Jul 15 2007(Updated: )

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Microsoft Windows
Hitachi Cosminexus Server=05_00_05_00_h
Hitachi Cosminexus Server=05_01_05_01_k
Hitachi Cosminexus Server=05_05_05_00_o
Hitachi Cosminexus Server=06_00_06_00_g
Hitachi Cosminexus Server=06_00_06_00_g
Hitachi Cosminexus Server=06_02_06_02_f
Hitachi Cosminexus Server=06_02_06_02_f
Hitachi Cosminexus Server=06_50_06_50_e
Hitachi Cosminexus Server=06_50_06_50_e
Hitachi Cosminexus Server=06_51_06_51_g
Hitachi Cosminexus Server=06_51_06_51_g
Hitachi Cosminexus Client=06_00_06_00_g
Hitachi Cosminexus Client=06_02_06_02_f
Hitachi Cosminexus Client=06_50_06_50_e
Hitachi Cosminexus Client=06_51_06_51_g
Hitachi Cosminexus Developer=05_00_05_00_h
Hitachi Cosminexus Developer=05_01_05_01_k
Hitachi Cosminexus Developer=05_05_05_05_o
Hitachi Cosminexus Developer=06_00_06_00_g
Hitachi Cosminexus Developer=06_00_06_00_g
Hitachi Cosminexus Developer=06_00_06_00_g
Hitachi Cosminexus Developer=06_02_06_02_f
Hitachi Cosminexus Developer=06_02_06_02_f
Hitachi Cosminexus Developer=06_02_06_02_f
Hitachi Cosminexus Developer=06_50_06_50_e
Hitachi Cosminexus Developer=06_50_06_50_e
Hitachi Cosminexus Developer=06_50_06_50_e
Hitachi Cosminexus Developer=06_51_06_51_g
Hitachi Cosminexus Developer=06_51_06_51_g
Hitachi Cosminexus Developer=06_51_06_51_g
Hitachi Cosminexus Server=04_00_04_00_a
Hitachi Cosminexus Server=04_00_04_00_a
Hitachi Cosminexus Server=04_01_04_01_a
Hitachi Cosminexus Server=04_01_04_01_a
Hitachi Cosminexus Studio=04_00_04_00_a
Hitachi Cosminexus Studio=04_00_04_00_a
Hitachi Cosminexus Studio=04_01_04_01_a
Hitachi Cosminexus Studio=04_01_04_01_a
Hitachi Cosminexus Studio=05_05_05_05_o
Hitachi uCosminexus=06_70_06_70_a
Hitachi uCosminexus=06_70_06_70_a
Hitachi uCosminexus=06_70_06_70_b
Hitachi uCosminexus=06_70_06_70_b
Hitachi uCosminexus=06_71_06_71_b
Hitachi uCosminexus=06_71_06_71_b
Hitachi uCosminexus=07_00_07_20
Hitachi uCosminexus=07_00_07_20
Hitachi Cosminexus Client=06_70_06_70_b
Hitachi Cosminexus Client=06_71_06_71_b
Hitachi Cosminexus Client=07_00_07_20
Hitachi ucosminexus Developer professional=06_70_06_70_b
Hitachi ucosminexus Developer professional=06_70_06_70_b
Hitachi ucosminexus Developer professional=06_70_06_70_b
Hitachi ucosminexus Developer professional=06_71_06_71_b
Hitachi ucosminexus Developer professional=06_71_06_71_b
Hitachi ucosminexus Developer professional=06_71_06_71_b
Hitachi uCosminexus=07_00_07_20
Hitachi uCosminexus Service Architect=07_00_07_20
Hitachi uCosminexus Service Platform=07_00_07_20
Linux Kernel
Hitachi Cosminexus Server=05_05_05_05_h
Hitachi Cosminexus Server=06_00_06_00_b
Hitachi Cosminexus Server=06_00_06_00_b
Hitachi Cosminexus Server=06_00_06_00_d
Hitachi Cosminexus Server=06_02_06_02_f
Hitachi Cosminexus Server=06_50_06_50_b
Hitachi Cosminexus Server=06_50_06_50_b
Hitachi Cosminexus Server=06_50_06_50_c
Hitachi Cosminexus Server=06_51_06_51_b
Hitachi Cosminexus Server=06_51_06_51_b
Hitachi Cosminexus Server=06_51_06_51_b
Hitachi Cosminexus Server=06_51_06_51_c
Hitachi uCosminexus=07_00_07_10
Hitachi uCosminexus=07_00_07_10
Hitachi uCosminexus Service Platform=07_00_07_10
HPE HP-UX
Hitachi Cosminexus Server=05_02_05_02_e
Hitachi Cosminexus Server=06_00_06_00_d
Hitachi Cosminexus Server=06_00_06_00_d
Hitachi Cosminexus Server=06_00_06_00_e
Hitachi Cosminexus Server=06_00_06_00_e
Hitachi Cosminexus Server=06_50_06_50_d
Hitachi Cosminexus Server=06_50_06_50_d
Hitachi uCosminexus=06_70_06_70_h
Hitachi uCosminexus=06_70_06_70_h
Hitachi uCosminexus=06_70_06_72
Hitachi uCosminexus=06_70_06_72
Hitachi uCosminexus=07_10
Hitachi uCosminexus=07_10
IBM AIX
Hitachi Cosminexus Server=05_00_05_00_r
Hitachi Cosminexus Server=05_05_05_05_l
Hitachi Cosminexus Server=06_50_06_50_f
Hitachi Cosminexus Server=06_50_06_50_f
Hitachi uCosminexus=06_70_06_70_d
Hitachi uCosminexus=06_70_06_70_d
Hitachi uCosminexus Service Platform=07_10
Oracle Solaris and Zettabyte File System (ZFS)
Hitachi Cosminexus Server=06_00_06_00_a
Hitachi Cosminexus Server=06_00_06_00_a
Hitachi Cosminexus Server=06_50_06_50_c
Hitachi Cosminexus Server=06_50_06_50_c
Hitachi uCosminexus=06_70_06_70_c
Hitachi uCosminexus=06_70_06_70_c
Hitachi uCosminexus=07_00
Hitachi uCosminexus=07_00

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2007-3794?

    The severity of CVE-2007-3794 is classified as potentially high due to the risk of a buffer overflow which could lead to arbitrary code execution.

  • How do I fix CVE-2007-3794?

    To fix CVE-2007-3794, update your Hitachi Cosminexus software to the latest versions that are available after the patches released on May 11, 2007, for XML Processing Kit.

  • Which versions of Hitachi software are affected by CVE-2007-3794?

    CVE-2007-3794 affects Hitachi Cosminexus V4 through V7, Processing Kit for XML before May 11, 2007, and Developer's Kit for Java before March 12, 2007.

  • How does CVE-2007-3794 exploit occur?

    CVE-2007-3794 exploit occurs when an attacker uses crafted GIF images to exploit the vulnerabilities in the GIF image processing APIs.

  • What are the potential impacts of CVE-2007-3794?

    The potential impacts of CVE-2007-3794 include remote code execution, system compromise, and unauthorized access to sensitive data.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203