127 matches found
CVE-2007-4564
Cosminexus Manager in Cosminexus Application Server 07-00 and later may assign the wrong user’s group permissions to activated logical server processes, enabling local privilege escalation. Root cause: mis-assignment of group permissions to server processes started by Cosminexus Manager. Impact: ...
CVE-2007-4124
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information,...
Design/Logic Flaw
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information,...
CVE-2007-4124
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information,...
CVE-2007-4124
Cosminexus Component Container (Hitachi products) is affected for Cosminexus 6, 6.7, and 7 prior to 20070731. The session failover function may mishandle session data so one user’s session data could be used for another user, enabling remote authenticated access to sensitive information, possible...
CVE-2007-3794
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by...
Buffer overflow
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by...
CVE-2007-3794
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by...
CVE-2007-3794
CVE-2007-3794 is a concrete buffer overflow vulnerability affecting Hitachi Cosminexus components (Cosminexus V4 through V7, Processing Kit for XML, Developer’s Kit for Java) and third‑party software using this stack. The issue arises when processing GIF images via image‑processing APIs in a Java...
CVE-2007-1854
Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect;...
Design/Logic Flaw
Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect;...
CVE-2007-1854
Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect;...
CVE-2007-1854
Technical details are not publicly provided in the supplied documents. Monitor for updates from official advisories.
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via 1 HTTP Expect headers or 2 image maps...
CVE-2007-0514
Multiple cross-site scripting XSS vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via 1 HTTP Expect headers or 2 image maps...
CVE-2007-0514
CVE-2007-0514 affects Hitachi Web Server, uCosminexus, and Cosminexus products released before 20070124. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers and (2) image maps. T...
CVE-2005-4323
Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated...
CVE-2005-4322
The CVE-2005-4322 entry describes multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A. The issue allows remote atta...
CVE-2005-4323
CVE-2005-4323 describes an unspecified vulnerability in Hitachi Cosminexus Collaboration Portal (versions 06-00 through 06-10-/B), Groupmax Collaboration Portal (07-00 through 07-10-/B), and Groupmax Collaboration Web Client (07-00 through 07-10-/A) that allows remote attackers to cause a denial ...
CVE-2005-3164
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when...