CVE-2007-3794: Buffer Overflow
First published: Sun Jul 15 2007(Updated: )
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows | ||
| Hitachi Cosminexus Server | =05_00_05_00_h | |
| Hitachi Cosminexus Server | =05_01_05_01_k | |
| Hitachi Cosminexus Server | =05_05_05_00_o | |
| Hitachi Cosminexus Server | =06_00_06_00_g | |
| Hitachi Cosminexus Server | =06_00_06_00_g | |
| Hitachi Cosminexus Server | =06_02_06_02_f | |
| Hitachi Cosminexus Server | =06_02_06_02_f | |
| Hitachi Cosminexus Server | =06_50_06_50_e | |
| Hitachi Cosminexus Server | =06_50_06_50_e | |
| Hitachi Cosminexus Server | =06_51_06_51_g | |
| Hitachi Cosminexus Server | =06_51_06_51_g | |
| Hitachi Cosminexus Client | =06_00_06_00_g | |
| Hitachi Cosminexus Client | =06_02_06_02_f | |
| Hitachi Cosminexus Client | =06_50_06_50_e | |
| Hitachi Cosminexus Client | =06_51_06_51_g | |
| Hitachi Cosminexus Developer | =05_00_05_00_h | |
| Hitachi Cosminexus Developer | =05_01_05_01_k | |
| Hitachi Cosminexus Developer | =05_05_05_05_o | |
| Hitachi Cosminexus Developer | =06_00_06_00_g | |
| Hitachi Cosminexus Developer | =06_00_06_00_g | |
| Hitachi Cosminexus Developer | =06_00_06_00_g | |
| Hitachi Cosminexus Developer | =06_02_06_02_f | |
| Hitachi Cosminexus Developer | =06_02_06_02_f | |
| Hitachi Cosminexus Developer | =06_02_06_02_f | |
| Hitachi Cosminexus Developer | =06_50_06_50_e | |
| Hitachi Cosminexus Developer | =06_50_06_50_e | |
| Hitachi Cosminexus Developer | =06_50_06_50_e | |
| Hitachi Cosminexus Developer | =06_51_06_51_g | |
| Hitachi Cosminexus Developer | =06_51_06_51_g | |
| Hitachi Cosminexus Developer | =06_51_06_51_g | |
| Hitachi Cosminexus Server | =04_00_04_00_a | |
| Hitachi Cosminexus Server | =04_00_04_00_a | |
| Hitachi Cosminexus Server | =04_01_04_01_a | |
| Hitachi Cosminexus Server | =04_01_04_01_a | |
| Hitachi Cosminexus Studio | =04_00_04_00_a | |
| Hitachi Cosminexus Studio | =04_00_04_00_a | |
| Hitachi Cosminexus Studio | =04_01_04_01_a | |
| Hitachi Cosminexus Studio | =04_01_04_01_a | |
| Hitachi Cosminexus Studio | =05_05_05_05_o | |
| Hitachi uCosminexus | =06_70_06_70_a | |
| Hitachi uCosminexus | =06_70_06_70_a | |
| Hitachi uCosminexus | =06_70_06_70_b | |
| Hitachi uCosminexus | =06_70_06_70_b | |
| Hitachi uCosminexus | =06_71_06_71_b | |
| Hitachi uCosminexus | =06_71_06_71_b | |
| Hitachi uCosminexus | =07_00_07_20 | |
| Hitachi uCosminexus | =07_00_07_20 | |
| Hitachi Cosminexus Client | =06_70_06_70_b | |
| Hitachi Cosminexus Client | =06_71_06_71_b | |
| Hitachi Cosminexus Client | =07_00_07_20 | |
| Hitachi ucosminexus Developer professional | =06_70_06_70_b | |
| Hitachi ucosminexus Developer professional | =06_70_06_70_b | |
| Hitachi ucosminexus Developer professional | =06_70_06_70_b | |
| Hitachi ucosminexus Developer professional | =06_71_06_71_b | |
| Hitachi ucosminexus Developer professional | =06_71_06_71_b | |
| Hitachi ucosminexus Developer professional | =06_71_06_71_b | |
| Hitachi uCosminexus | =07_00_07_20 | |
| Hitachi uCosminexus Service Architect | =07_00_07_20 | |
| Hitachi uCosminexus Service Platform | =07_00_07_20 | |
| Linux Kernel | ||
| Hitachi Cosminexus Server | =05_05_05_05_h | |
| Hitachi Cosminexus Server | =06_00_06_00_b | |
| Hitachi Cosminexus Server | =06_00_06_00_b | |
| Hitachi Cosminexus Server | =06_00_06_00_d | |
| Hitachi Cosminexus Server | =06_02_06_02_f | |
| Hitachi Cosminexus Server | =06_50_06_50_b | |
| Hitachi Cosminexus Server | =06_50_06_50_b | |
| Hitachi Cosminexus Server | =06_50_06_50_c | |
| Hitachi Cosminexus Server | =06_51_06_51_b | |
| Hitachi Cosminexus Server | =06_51_06_51_b | |
| Hitachi Cosminexus Server | =06_51_06_51_b | |
| Hitachi Cosminexus Server | =06_51_06_51_c | |
| Hitachi uCosminexus | =07_00_07_10 | |
| Hitachi uCosminexus | =07_00_07_10 | |
| Hitachi uCosminexus Service Platform | =07_00_07_10 | |
| HPE HP-UX | ||
| Hitachi Cosminexus Server | =05_02_05_02_e | |
| Hitachi Cosminexus Server | =06_00_06_00_d | |
| Hitachi Cosminexus Server | =06_00_06_00_d | |
| Hitachi Cosminexus Server | =06_00_06_00_e | |
| Hitachi Cosminexus Server | =06_00_06_00_e | |
| Hitachi Cosminexus Server | =06_50_06_50_d | |
| Hitachi Cosminexus Server | =06_50_06_50_d | |
| Hitachi uCosminexus | =06_70_06_70_h | |
| Hitachi uCosminexus | =06_70_06_70_h | |
| Hitachi uCosminexus | =06_70_06_72 | |
| Hitachi uCosminexus | =06_70_06_72 | |
| Hitachi uCosminexus | =07_10 | |
| Hitachi uCosminexus | =07_10 | |
| IBM AIX | ||
| Hitachi Cosminexus Server | =05_00_05_00_r | |
| Hitachi Cosminexus Server | =05_05_05_05_l | |
| Hitachi Cosminexus Server | =06_50_06_50_f | |
| Hitachi Cosminexus Server | =06_50_06_50_f | |
| Hitachi uCosminexus | =06_70_06_70_d | |
| Hitachi uCosminexus | =06_70_06_70_d | |
| Hitachi uCosminexus Service Platform | =07_10 | |
| Oracle Solaris and Zettabyte File System (ZFS) | ||
| Hitachi Cosminexus Server | =06_00_06_00_a | |
| Hitachi Cosminexus Server | =06_00_06_00_a | |
| Hitachi Cosminexus Server | =06_50_06_50_c | |
| Hitachi Cosminexus Server | =06_50_06_50_c | |
| Hitachi uCosminexus | =06_70_06_70_c | |
| Hitachi uCosminexus | =06_70_06_70_c | |
| Hitachi uCosminexus | =07_00 | |
| Hitachi uCosminexus | =07_00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-3794?
The severity of CVE-2007-3794 is classified as potentially high due to the risk of a buffer overflow which could lead to arbitrary code execution.
How do I fix CVE-2007-3794?
To fix CVE-2007-3794, update your Hitachi Cosminexus software to the latest versions that are available after the patches released on May 11, 2007, for XML Processing Kit.
Which versions of Hitachi software are affected by CVE-2007-3794?
CVE-2007-3794 affects Hitachi Cosminexus V4 through V7, Processing Kit for XML before May 11, 2007, and Developer's Kit for Java before March 12, 2007.
How does CVE-2007-3794 exploit occur?
CVE-2007-3794 exploit occurs when an attacker uses crafted GIF images to exploit the vulnerabilities in the GIF image processing APIs.
What are the potential impacts of CVE-2007-3794?
The potential impacts of CVE-2007-3794 include remote code execution, system compromise, and unauthorized access to sensitive data.
- collector/nvd-historical
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows
- vendor/hitachi
- canonical/hitachi cosminexus server
- version/hitachi cosminexus server/05_00_05_00_h
- version/hitachi cosminexus server/05_01_05_01_k
- version/hitachi cosminexus server/05_05_05_00_o
- version/hitachi cosminexus server/06_00_06_00_g
- version/hitachi cosminexus server/06_02_06_02_f
- version/hitachi cosminexus server/06_50_06_50_e
- version/hitachi cosminexus server/06_51_06_51_g
- canonical/hitachi cosminexus client
- version/hitachi cosminexus client/06_00_06_00_g
- version/hitachi cosminexus client/06_02_06_02_f
- version/hitachi cosminexus client/06_50_06_50_e
- version/hitachi cosminexus client/06_51_06_51_g
- canonical/hitachi cosminexus developer
- version/hitachi cosminexus developer/05_00_05_00_h
- version/hitachi cosminexus developer/05_01_05_01_k
- version/hitachi cosminexus developer/05_05_05_05_o
- version/hitachi cosminexus developer/06_00_06_00_g
- version/hitachi cosminexus developer/06_02_06_02_f
- version/hitachi cosminexus developer/06_50_06_50_e
- version/hitachi cosminexus developer/06_51_06_51_g
- version/hitachi cosminexus server/04_00_04_00_a
- version/hitachi cosminexus server/04_01_04_01_a
- canonical/hitachi cosminexus studio
- version/hitachi cosminexus studio/04_00_04_00_a
- version/hitachi cosminexus studio/04_01_04_01_a
- version/hitachi cosminexus studio/05_05_05_05_o
- canonical/hitachi ucosminexus
- version/hitachi ucosminexus/06_70_06_70_a
- version/hitachi ucosminexus/06_70_06_70_b
- version/hitachi ucosminexus/06_71_06_71_b
- version/hitachi ucosminexus/07_00_07_20
- version/hitachi cosminexus client/06_70_06_70_b
- version/hitachi cosminexus client/06_71_06_71_b
- version/hitachi cosminexus client/07_00_07_20
- canonical/hitachi ucosminexus developer professional
- version/hitachi ucosminexus developer professional/06_70_06_70_b
- version/hitachi ucosminexus developer professional/06_71_06_71_b
- canonical/hitachi ucosminexus service architect
- version/hitachi ucosminexus service architect/07_00_07_20
- canonical/hitachi ucosminexus service platform
- version/hitachi ucosminexus service platform/07_00_07_20
- vendor/linux
- canonical/linux kernel
- version/hitachi cosminexus server/05_05_05_05_h
- version/hitachi cosminexus server/06_00_06_00_b
- version/hitachi cosminexus server/06_00_06_00_d
- version/hitachi cosminexus server/06_50_06_50_b
- version/hitachi cosminexus server/06_50_06_50_c
- version/hitachi cosminexus server/06_51_06_51_b
- version/hitachi cosminexus server/06_51_06_51_c
- version/hitachi ucosminexus/07_00_07_10
- version/hitachi ucosminexus service platform/07_00_07_10
- vendor/hp
- canonical/hpe hp-ux
- version/hitachi cosminexus server/05_02_05_02_e
- version/hitachi cosminexus server/06_00_06_00_e
- version/hitachi cosminexus server/06_50_06_50_d
- version/hitachi ucosminexus/06_70_06_70_h
- version/hitachi ucosminexus/06_70_06_72
- version/hitachi ucosminexus/07_10
- vendor/ibm
- canonical/ibm aix
- version/hitachi cosminexus server/05_00_05_00_r
- version/hitachi cosminexus server/05_05_05_05_l
- version/hitachi cosminexus server/06_50_06_50_f
- version/hitachi ucosminexus/06_70_06_70_d
- version/hitachi ucosminexus service platform/07_10
- vendor/sun
- canonical/oracle solaris and zettabyte file system (zfs)
- version/hitachi cosminexus server/06_00_06_00_a
- version/hitachi ucosminexus/06_70_06_70_c
- version/hitachi ucosminexus/07_00