Search a vulnerability

jvndb-2009-002475

Vulnerability from jvndb

Published

2010-02-09 14:03

Modified

2010-02-09 14:03

Severity ?

() - -

Summary

Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java

Details

Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.

References

▼	Type	URL

Impacted products

▼	Vendor	Product
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Navigation
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
  "dc:date": "2010-02-09T14:03+09:00",
  "dcterms:issued": "2010-02-09T14:03+09:00",
  "dcterms:modified": "2010-02-09T14:03+09:00",
  "description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_navigation",
      "@product": "uCosminexus Navigation",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-002475",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-119",
    "@title": "Buffer Errors(CWE-119)"
  },
  "title": "Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java"
}

jvndb-2005-000776

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate

Details

The digital certificate that was used to sign jar files in the Java Cryptography Extension (JCE) 1.2.1 expires on July 28, 2005. JCE 1.2.1 limits program behaviors after the expiration of the digital certificate. As a result, specific methods of JCE 1.2.1 will no longer work properly after the expiration, and problems may occur, such as an application using JCE does not start. If you use JCE in Java application development, please check the version of JCE used. If you use J2SE 1.2.x or J2SE 1.3.x to develop Java applications, JCE 1.2.1 may be included as an optional package. This issue, caused by the expiration of the digital certificate, is not a vulnerability; however, we provide this JVN article to publicize the issue to users. *1 JPCERT/CC coordinated this issue based on the publicly available information.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN93926203/index.html
	JPCERT-WR	http://www.jpcert.or.jp/wr/2005/wr052701.txt

Impacted products

▼	Vendor	Product
	Adobe Inc.	Adobe ColdFusion
	Adobe Inc.	Adobe JRun
	Schneider Electric	PowerChute
	BEA Systems, Inc.	BEA WebLogic Express
	BEA Systems, Inc.	BEA WebLogic Platform
	BEA Systems, Inc.	BEA WebLogic Server
	Cisco Systems, Inc.	Cisco WAN Manager (CWM)
	Cisco Systems, Inc.	CiscoWorks Wireless LAN Solution Engine (CWWLSE)
	FUJITSU	Interstage Application Server
	FUJITSU	PowerChute
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Web Contents Generator
	IBM Corporation	IBM JCE
	IBM Corporation	IBM JDK
	IBM Corporation	IBM JRE
	Infoteria Corporation	ASTERIA R2 Flow Builder
	Infoteria Corporation	ASTERIA R2 Server
	NEC Corporation	ESMPRO/UPSManager
	NEC Corporation	PowerChute
	Sun Microsystems, Inc.	J2SE
	Sun Microsystems, Inc.	JCE
	Cisco Systems, Inc.	CiscoWorks Host Solution Engine (HSE)
	FUJITSU	PRIMERGY
	Hitachi, Ltd	HA8000 Series
	McAfee	McAfee IntruShield

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000776.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The digital certificate that was used to sign jar files in the Java Cryptography Extension (JCE) 1.2.1 expires on July 28, 2005. JCE 1.2.1 limits program behaviors after the expiration of the digital certificate. As a result, specific methods of JCE 1.2.1 will no longer work properly after the expiration, and problems may occur, such as an application using JCE does not start.\r\n\r\nIf you use JCE in Java application development, please check the version of JCE used. If you use J2SE 1.2.x or J2SE 1.3.x to develop Java applications, JCE 1.2.1 may be included as an optional package.\r\n\r\nThis issue, caused by the expiration of the digital certificate, is not a vulnerability; however, we provide this JVN article to publicize the issue to users.\r\n\r\n*1 JPCERT/CC coordinated this issue based on the publicly available information.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000776.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:adobe:coldfusion",
      "@product": "Adobe ColdFusion",
      "@vendor": "Adobe Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:adobe:jrun",
      "@product": "Adobe JRun",
      "@vendor": "Adobe Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:apc:powerchute",
      "@product": "PowerChute",
      "@vendor": "Schneider Electric",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:bea:weblogic_express",
      "@product": "BEA WebLogic Express",
      "@vendor": "BEA Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:bea:weblogic_platform",
      "@product": "BEA WebLogic Platform",
      "@vendor": "BEA Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:bea:weblogic_server",
      "@product": "BEA WebLogic Server",
      "@vendor": "BEA Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cisco:wan_manager",
      "@product": "Cisco WAN Manager (CWM)",
      "@vendor": "Cisco Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cisco:wireless_lan_solution_engine",
      "@product": "CiscoWorks Wireless LAN Solution Engine (CWWLSE)",
      "@vendor": "Cisco Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_server",
      "@product": "Interstage Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:powerchute",
      "@product": "PowerChute",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_web_contents_generator",
      "@product": "Cosminexus Web Contents Generator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:java_jce",
      "@product": "IBM JCE",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:java_jdk",
      "@product": "IBM JDK",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:java_jre",
      "@product": "IBM JRE",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:infoteria_asteria_r2_flow_builder",
      "@product": "ASTERIA R2 Flow Builder",
      "@vendor": "Infoteria Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:infoteria_asteria_r2_server",
      "@product": "ASTERIA R2 Server",
      "@vendor": "Infoteria Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:nec:esmpro_upsmanager",
      "@product": "ESMPRO/UPSManager",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:nec:powerchute",
      "@product": "PowerChute",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:sun:j2se",
      "@product": "J2SE",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:sun:jce",
      "@product": "JCE",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:cisco:hosting_solution_engine",
      "@product": "CiscoWorks Host Solution Engine (HSE)",
      "@vendor": "Cisco Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:fujitsu:primergy",
      "@product": "PRIMERGY",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:hitachi:ha8000",
      "@product": "HA8000 Series",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:mcafee:intrushield_security_management_system",
      "@product": "McAfee IntruShield",
      "@vendor": "McAfee",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000776",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN93926203/index.html",
      "@id": "JVN#93926203",
      "@source": "JVN"
    },
    {
      "#text": "http://www.jpcert.or.jp/wr/2005/wr052701.txt",
      "@id": "JPCERT-WR-2005-2701",
      "@source": "JPCERT-WR"
    }
  ],
  "title": "Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate"
}

jvndb-2007-000702

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities

Details

The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).

References

▼	Type	URL
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758
	SECUNIA	http://secunia.com/advisories/26538
	XF	http://xforce.iss.net/xforce/xfdb/36618
	FRSIRT	http://www.frsirt.com/english/advisories/2007/3034
	Buffer Errors(CWE-119)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Collaboration
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus Developer's Kit for Java(TM)
	Hitachi, Ltd	Cosminexus ERP Integrator
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus ERP Integrator
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The image-processing APIs in Cosminexus Developer\u0027s Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_collaboration",
      "@product": "Cosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
      "@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
      "@product": "Cosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000702",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758",
      "@id": "CVE-2007-4758",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758",
      "@id": "CVE-2007-4758",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/26538",
      "@id": "SA26538",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/36618",
      "@id": "36618",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/3034",
      "@id": "FrSIRT/ADV-2007-3034",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    }
  ],
  "title": "Cosminexus Developer\u0027s Kit for Java Buffer Overflow and Denial of Service Vulnerabilities"
}

jvndb-2007-000819

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2013-07-18 18:58

Severity ?

() - -

Summary

Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"

Details

mod_imap and mod_imagemap modules of the Apache HTTP Server are vulnerable to cross-site scripting. The Apache HTTP Server is open source web server software. The Apache HTTP Server modules mod_imap and mod_imagemap provide server-side imagemap processing capability. The Apache HTTP Server modules mod_imap and mod_imagemap are vulnerable to cross-site scripting.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN80057925/index.html
	JVNTR	https://jvn.jp/en/tr/TRTA08-079A/index.html
	JVNTR	https://jvn.jp/en/tr/TRTA08-150A/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5000
	SECUNIA	http://secunia.com/advisories/28046
	SECUNIA	http://secunia.com/advisories/28073
	FRSIRT	http://www.frsirt.com/english/advisories/2007/4201
	FRSIRT	http://www.frsirt.com/english/advisories/2007/4202
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Apache Software Foundation	Apache HTTP Server
	FUJITSU	Interstage Application Framework Suite
	FUJITSU	Interstage Application Server
	FUJITSU	Interstage Apworks
	FUJITSU	Interstage Business Application Server
	FUJITSU	Interstage Job Workload Server
	FUJITSU	Interstage Studio
	FUJITSU	Interstage Web Server
	FUJITSU	Systemwalker Resource Coordinator
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Service
	IBM Corporation	IBM HTTP Server
	Oracle Corporation	Oracle HTTP Server
	Red Hat, Inc.	Red Hat Application Stack
	NEC Corporation	WanBooster
	Apple Inc.	Apple Mac OS X
	Apple Inc.	Apple Mac OS X Server
	Hewlett-Packard Development Company,L.P	HP-UX
	Cybertrust Japan Co., Ltd.	Asianux Server
	Red Hat, Inc.	Red Hat Enterprise Linux
	Red Hat, Inc.	Red Hat Enterprise Linux Desktop
	Red Hat, Inc.	Red Hat Linux Advanced Workstation
	Red Hat, Inc.	RHEL Desktop Workstation
	Sun Microsystems, Inc.	Sun Solaris
	Turbolinux, Inc.	Turbolinux Appliance Server
	Turbolinux, Inc.	Turbolinux FUJI
	Turbolinux, Inc.	Turbolinux Multimedia
	Turbolinux, Inc.	Turbolinux Personal
	Turbolinux, Inc.	Turbolinux Server

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000819.html",
  "dc:date": "2013-07-18T18:58+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2013-07-18T18:58+09:00",
  "description": "mod_imap and mod_imagemap modules of the Apache HTTP Server are vulnerable to cross-site scripting.\r\n\r\nThe Apache HTTP Server is open source web server software. The Apache HTTP Server modules mod_imap and mod_imagemap provide server-side imagemap processing capability.\r\nThe Apache HTTP Server modules mod_imap and mod_imagemap are vulnerable to cross-site scripting.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000819.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:http_server",
      "@product": "Apache HTTP Server",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_framework_suite",
      "@product": "Interstage Application Framework Suite",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_server",
      "@product": "Interstage Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_apworks",
      "@product": "Interstage Apworks",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_business_application_server",
      "@product": "Interstage Business Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_job_workload_server",
      "@product": "Interstage Job Workload Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_studio",
      "@product": "Interstage Studio",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_web_server",
      "@product": "Interstage Web Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
      "@product": "Systemwalker Resource Coordinator",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:http_server",
      "@product": "IBM HTTP Server",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:oracle:http_server",
      "@product": "Oracle HTTP Server",
      "@vendor": "Oracle Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:redhat:rhel_application_stack",
      "@product": "Red Hat Application Stack",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:nec:wanbooster",
      "@product": "WanBooster",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x",
      "@product": "Apple Mac OS X",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x_server",
      "@product": "Apple Mac OS X Server",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:hp:hp-ux",
      "@product": "HP-UX",
      "@vendor": "Hewlett-Packard Development Company,L.P",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:linux_advanced_workstation",
      "@product": "Red Hat Linux Advanced Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:rhel_desktop_workstation",
      "@product": "RHEL Desktop Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:sun:solaris",
      "@product": "Sun Solaris",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
      "@product": "Turbolinux Appliance Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_fuji",
      "@product": "Turbolinux FUJI",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000819",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN80057925/index.html",
      "@id": "JVN#80057925",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/tr/TRTA08-079A/index.html",
      "@id": "TRTA08-079A",
      "@source": "JVNTR"
    },
    {
      "#text": "https://jvn.jp/en/tr/TRTA08-150A/index.html",
      "@id": "TRTA08-150A",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000",
      "@id": "CVE-2007-5000",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5000",
      "@id": "CVE-2007-5000",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/28046",
      "@id": "SA28046",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://secunia.com/advisories/28073",
      "@id": "SA28073",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/4201",
      "@id": "FrSIRT/ADV-2007-4201",
      "@source": "FRSIRT"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/4202",
      "@id": "FrSIRT/ADV-2007-4202",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Cross-site scripting vulnerability in Apache HTTP Server \"mod_imap\" and \"mod_imagemap\""
}

jvndb-2009-001544

Vulnerability from jvndb

Published

2009-07-07 11:12

Modified

2009-07-07 11:12

Severity ?

() - -

Summary

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process

Details

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.

References

▼	Type	URL

Impacted products

▼	Vendor	Product
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
  "dc:date": "2009-07-07T11:12+09:00",
  "dcterms:issued": "2009-07-07T11:12+09:00",
  "dcterms:modified": "2009-07-07T11:12+09:00",
  "description": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "10.0",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-001544",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process"
}

jvndb-2007-000701

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities

Details

Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.

References

▼	Type	URL
	JVN	http://jvn.jp/cert/JVNTA07-022A/index.html
	JVNTR	http://jvn.jp/tr/TRTA07-022A/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3794
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3794
	CERT-SA	http://www.us-cert.gov/cas/alerts/SA07-022A.html
	CERT-TA	http://www.us-cert.gov/cas/techalerts/TA07-022A.html
	SECUNIA	http://secunia.com/advisories/26025
	BID	http://www.securityfocus.com/bid/24905
	XF	http://xforce.iss.net/xforce/xfdb/36022
	FRSIRT	http://www.frsirt.com/english/advisories/2007/2534

Impacted products

▼	Vendor	Product
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Collaboration
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus Developer's Kit for Java(TM)
	Hitachi, Ltd	Cosminexus ERP Integrator
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus ERP Integrator
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_collaboration",
      "@product": "Cosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
      "@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
      "@product": "Cosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000701",
  "sec:references": [
    {
      "#text": "http://jvn.jp/cert/JVNTA07-022A/index.html",
      "@id": "JVNTA07-022A",
      "@source": "JVN"
    },
    {
      "#text": "http://jvn.jp/tr/TRTA07-022A/index.html",
      "@id": "TRTA07-022A",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3794",
      "@id": "CVE-2007-3794",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3794",
      "@id": "CVE-2007-3794",
      "@source": "NVD"
    },
    {
      "#text": "http://www.us-cert.gov/cas/alerts/SA07-022A.html",
      "@id": "SA07-022A",
      "@source": "CERT-SA"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html",
      "@id": "TA07-022A",
      "@source": "CERT-TA"
    },
    {
      "#text": "http://secunia.com/advisories/26025",
      "@id": "SA26025",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/24905",
      "@id": "24905",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/36022",
      "@id": "36022",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/2534",
      "@id": "FrSIRT/ADV-2007-2534",
      "@source": "FRSIRT"
    }
  ],
  "title": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Buffer Overflow Vulnerabilities"
}

jvndb-2005-000183

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Apache Tomcat denial of service vulnerability

Details

Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies. Apache Tomcat contains a vulnerability that may allow a remote attacker to cause a denial of service (DoS).

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVNDD18AD07/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0808
	CERT-VN	http://www.kb.cert.org/vuls/id/204710
	BID	http://www.securityfocus.com/bid/12795

Impacted products

▼	Vendor	Product
	Apache Software Foundation	Apache Tomcat
	Hitachi, Ltd	Cosminexus Server

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000183.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.\r\nApache Tomcat contains a vulnerability that may allow a remote attacker to cause a denial of service (DoS).",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000183.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:tomcat",
      "@product": "Apache Tomcat",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000183",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVNDD18AD07/index.html",
      "@id": "JVN#DD18AD07",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808",
      "@id": "CVE-2005-0808",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0808",
      "@id": "CVE-2005-0808",
      "@source": "NVD"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/204710",
      "@id": "VU#204710",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://www.securityfocus.com/bid/12795",
      "@id": "12795",
      "@source": "BID"
    }
  ],
  "title": "Apache Tomcat denial of service vulnerability"
}

All the vulnerabilites related to Hitachi, Ltd - Cosminexus Server

jvndb-2009-002475

Vulnerability from jvndb

jvndb-2005-000776

Vulnerability from jvndb

jvndb-2007-000702

Vulnerability from jvndb

jvndb-2007-000819

Vulnerability from jvndb

jvndb-2009-001544

Vulnerability from jvndb

jvndb-2007-000701

Vulnerability from jvndb

jvndb-2005-000183

Vulnerability from jvndb