127 matches found
Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
Overview A vulnerability CVE-2019-10092 exists in Cosminexus HTTP Server and Hitachi Web Server. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate...
Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
Overview A vulnerability CVE-2019-0220 exists in Cosminexus HTTP Server and Hitachi Web Server. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate...
Multiple Vulnerabilities in Cosminexus
Overview Cosminexus Developer's Kit for Java and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the...
Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
Overview A vulnerability CVE-2016-8743 exists in Cosminexus HTTP Server and Hitachi Web Server. Impact An attacker may have unspecified impact. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
Xml eXternal Entity Vulnerability in Hitachi Cosminexus
Overview When using Cosminexus JAX-WS, XXE Xml eXternal Entity in Hitachi Cosminexus Component Container contains a vulnerability that may cause information leakage. Impact A remote attacker could obtain information via SOAP message loading unexpected external entities. Solution Please refer to t...
User Authentication Vulnerability in Operational Management Function of Cosminexus
Overview The operational management function of Cosminexus does not properly require authentication for manipulation of an operational management portal, which allows remote attackers to delete and replace applications which other users attached. Impact A remote attacker could delete and replace...
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
Description Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment. An attacker can exploit this issue to bypass the Java sandbox restriction and execute arbitrary code. This vulnerability affects the following supported versions: 7 Update 2, 6 Update 30, 5.0...
Denial of Service (DoS) Vulnerability in Cosminexus
Overview Cosminexus series products contain a vulnerability that could cause a denial of service DoS condition when receiving unexpected data. After it abends, the service can be restarted by rebooting the system. Impact A remote attacker could cause a denial of service DoS condition. Solution...
Improper Authentication Vulnerability in Handling of Revoked Certificate in Hitachi Web Server SSL Client Authentication
Overview SSL client authentication in Hitachi Web Server has a vulnerability which allows an attacker to access a Hitachi Web Server using the client certificates registered in the Certification Revocation List CRL. This vulnerability does not apply if SSL or SSL client authentication is not in...
Buffer overflow
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors relate...
CVE-2009-4776
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors relate...
CVE-2009-4776
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors relate...
CVE-2009-4776
CVE-2009-4776 describes a buffer overflow in Hitachi Cosminexus components (V4–V8 Processing Kit for XML and Developer’s Kit for Java) used in products such as uCosminexus, Electronic Form Workflow, GroupMax, and IBM XL C/C++ Enterprise Edition 7–8. The issue involves GIF image processing APIs in...
Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java
Overview Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java have a buffer overflow vulnerability when processing image files in Java applications. Impact An attacker can execute arbitrary code on the target system. Solution Please refer to the 'Vendor Information' section for...
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Zip File Scanning Utility
Overview Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability that allows unauthorized access through a zip file scanning API. Impact Unauthorized access may be done when loading and scanning an external zip file. Solution Please refer to the 'Vendor...
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process
Overview Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access. Impact Unauthorized access may be done exploiting a deficiency in encodin...
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities
Overview Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs. Impact An attacker could execute arbitrary code. Solution Please refer to the 'Vendor Information' section fo...
Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities
Overview The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service DoS. Impact An attacker could cause a Denial of Service DoS or execute arbitrary code. Solution Please refer to the 'Vendor Information' section for official...
Cosminexus Component Container Session Handling Vulnerability
Overview The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user's session data to be used as aonther user's session data. Impact A remote attacker could gain unauthorized access to other users' session and obtain sensitiv...
Cosminexus javadoc Cross-Site Scripting Vulnerability
Overview The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities. Impact An attacker could exploit said HTML file vulnerable to cross-site scripting. Solution Please refer to the 'Vendor Information' section for official remediation and take...