First published: Sun Jul 15 2007(Updated: )
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows | ||
Hitachi Cosminexus Server | =05_00_05_00_h | |
Hitachi Cosminexus Server | =05_01_05_01_k | |
Hitachi Cosminexus Server | =05_05_05_00_o | |
Hitachi Cosminexus Server | =06_00_06_00_g | |
Hitachi Cosminexus Server | =06_00_06_00_g | |
Hitachi Cosminexus Server | =06_02_06_02_f | |
Hitachi Cosminexus Server | =06_02_06_02_f | |
Hitachi Cosminexus Server | =06_50_06_50_e | |
Hitachi Cosminexus Server | =06_50_06_50_e | |
Hitachi Cosminexus Server | =06_51_06_51_g | |
Hitachi Cosminexus Server | =06_51_06_51_g | |
Hitachi Cosminexus Client | =06_00_06_00_g | |
Hitachi Cosminexus Client | =06_02_06_02_f | |
Hitachi Cosminexus Client | =06_50_06_50_e | |
Hitachi Cosminexus Client | =06_51_06_51_g | |
Hitachi Cosminexus Developer | =05_00_05_00_h | |
Hitachi Cosminexus Developer | =05_01_05_01_k | |
Hitachi Cosminexus Developer | =05_05_05_05_o | |
Hitachi Cosminexus Developer | =06_00_06_00_g | |
Hitachi Cosminexus Developer | =06_00_06_00_g | |
Hitachi Cosminexus Developer | =06_00_06_00_g | |
Hitachi Cosminexus Developer | =06_02_06_02_f | |
Hitachi Cosminexus Developer | =06_02_06_02_f | |
Hitachi Cosminexus Developer | =06_02_06_02_f | |
Hitachi Cosminexus Developer | =06_50_06_50_e | |
Hitachi Cosminexus Developer | =06_50_06_50_e | |
Hitachi Cosminexus Developer | =06_50_06_50_e | |
Hitachi Cosminexus Developer | =06_51_06_51_g | |
Hitachi Cosminexus Developer | =06_51_06_51_g | |
Hitachi Cosminexus Developer | =06_51_06_51_g | |
Hitachi Cosminexus Server | =04_00_04_00_a | |
Hitachi Cosminexus Server | =04_00_04_00_a | |
Hitachi Cosminexus Server | =04_01_04_01_a | |
Hitachi Cosminexus Server | =04_01_04_01_a | |
Hitachi Cosminexus Studio | =04_00_04_00_a | |
Hitachi Cosminexus Studio | =04_00_04_00_a | |
Hitachi Cosminexus Studio | =04_01_04_01_a | |
Hitachi Cosminexus Studio | =04_01_04_01_a | |
Hitachi Cosminexus Studio | =05_05_05_05_o | |
Hitachi uCosminexus | =06_70_06_70_a | |
Hitachi uCosminexus | =06_70_06_70_a | |
Hitachi uCosminexus | =06_70_06_70_b | |
Hitachi uCosminexus | =06_70_06_70_b | |
Hitachi uCosminexus | =06_71_06_71_b | |
Hitachi uCosminexus | =06_71_06_71_b | |
Hitachi uCosminexus | =07_00_07_20 | |
Hitachi uCosminexus | =07_00_07_20 | |
Hitachi Cosminexus Client | =06_70_06_70_b | |
Hitachi Cosminexus Client | =06_71_06_71_b | |
Hitachi Cosminexus Client | =07_00_07_20 | |
Hitachi ucosminexus Developer professional | =06_70_06_70_b | |
Hitachi ucosminexus Developer professional | =06_70_06_70_b | |
Hitachi ucosminexus Developer professional | =06_70_06_70_b | |
Hitachi ucosminexus Developer professional | =06_71_06_71_b | |
Hitachi ucosminexus Developer professional | =06_71_06_71_b | |
Hitachi ucosminexus Developer professional | =06_71_06_71_b | |
Hitachi uCosminexus | =07_00_07_20 | |
Hitachi uCosminexus Service Architect | =07_00_07_20 | |
Hitachi uCosminexus Service Platform | =07_00_07_20 | |
Linux Kernel | ||
Hitachi Cosminexus Server | =05_05_05_05_h | |
Hitachi Cosminexus Server | =06_00_06_00_b | |
Hitachi Cosminexus Server | =06_00_06_00_b | |
Hitachi Cosminexus Server | =06_00_06_00_d | |
Hitachi Cosminexus Server | =06_02_06_02_f | |
Hitachi Cosminexus Server | =06_50_06_50_b | |
Hitachi Cosminexus Server | =06_50_06_50_b | |
Hitachi Cosminexus Server | =06_50_06_50_c | |
Hitachi Cosminexus Server | =06_51_06_51_b | |
Hitachi Cosminexus Server | =06_51_06_51_b | |
Hitachi Cosminexus Server | =06_51_06_51_b | |
Hitachi Cosminexus Server | =06_51_06_51_c | |
Hitachi uCosminexus | =07_00_07_10 | |
Hitachi uCosminexus | =07_00_07_10 | |
Hitachi uCosminexus Service Platform | =07_00_07_10 | |
HPE HP-UX | ||
Hitachi Cosminexus Server | =05_02_05_02_e | |
Hitachi Cosminexus Server | =06_00_06_00_d | |
Hitachi Cosminexus Server | =06_00_06_00_d | |
Hitachi Cosminexus Server | =06_00_06_00_e | |
Hitachi Cosminexus Server | =06_00_06_00_e | |
Hitachi Cosminexus Server | =06_50_06_50_d | |
Hitachi Cosminexus Server | =06_50_06_50_d | |
Hitachi uCosminexus | =06_70_06_70_h | |
Hitachi uCosminexus | =06_70_06_70_h | |
Hitachi uCosminexus | =06_70_06_72 | |
Hitachi uCosminexus | =06_70_06_72 | |
Hitachi uCosminexus | =07_10 | |
Hitachi uCosminexus | =07_10 | |
IBM AIX | ||
Hitachi Cosminexus Server | =05_00_05_00_r | |
Hitachi Cosminexus Server | =05_05_05_05_l | |
Hitachi Cosminexus Server | =06_50_06_50_f | |
Hitachi Cosminexus Server | =06_50_06_50_f | |
Hitachi uCosminexus | =06_70_06_70_d | |
Hitachi uCosminexus | =06_70_06_70_d | |
Hitachi uCosminexus Service Platform | =07_10 | |
Oracle Solaris and Zettabyte File System (ZFS) | ||
Hitachi Cosminexus Server | =06_00_06_00_a | |
Hitachi Cosminexus Server | =06_00_06_00_a | |
Hitachi Cosminexus Server | =06_50_06_50_c | |
Hitachi Cosminexus Server | =06_50_06_50_c | |
Hitachi uCosminexus | =06_70_06_70_c | |
Hitachi uCosminexus | =06_70_06_70_c | |
Hitachi uCosminexus | =07_00 | |
Hitachi uCosminexus | =07_00 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2007-3794 is classified as potentially high due to the risk of a buffer overflow which could lead to arbitrary code execution.
To fix CVE-2007-3794, update your Hitachi Cosminexus software to the latest versions that are available after the patches released on May 11, 2007, for XML Processing Kit.
CVE-2007-3794 affects Hitachi Cosminexus V4 through V7, Processing Kit for XML before May 11, 2007, and Developer's Kit for Java before March 12, 2007.
CVE-2007-3794 exploit occurs when an attacker uses crafted GIF images to exploit the vulnerabilities in the GIF image processing APIs.
The potential impacts of CVE-2007-3794 include remote code execution, system compromise, and unauthorized access to sensitive data.