All the vulnerabilites related to Hitachi, Ltd - Cosminexus Server
jvndb-2005-000776
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate
Details
The digital certificate that was used to sign jar files in the Java Cryptography Extension (JCE) 1.2.1 expires on July 28, 2005. JCE 1.2.1 limits program behaviors after the expiration of the digital certificate. As a result, specific methods of JCE 1.2.1 will no longer work properly after the expiration, and problems may occur, such as an application using JCE does not start. If you use JCE in Java application development, please check the version of JCE used. If you use J2SE 1.2.x or J2SE 1.3.x to develop Java applications, JCE 1.2.1 may be included as an optional package. This issue, caused by the expiration of the digital certificate, is not a vulnerability; however, we provide this JVN article to publicize the issue to users. *1 JPCERT/CC coordinated this issue based on the publicly available information.
References
JVN http://jvn.jp/en/jp/JVN93926203/index.html
JPCERT-WR http://www.jpcert.or.jp/wr/2005/wr052701.txt
Impacted products
Adobe Inc.Adobe ColdFusion
Adobe Inc.Adobe JRun
Schneider ElectricPowerChute
BEA Systems, Inc.BEA WebLogic Express
BEA Systems, Inc.BEA WebLogic Platform
BEA Systems, Inc.BEA WebLogic Server
Cisco Systems, Inc.Cisco WAN Manager (CWM)
Cisco Systems, Inc.CiscoWorks Wireless LAN Solution Engine (CWWLSE)
FUJITSUInterstage Application Server
FUJITSUPowerChute
Hitachi, LtdCosminexus Server
Hitachi, LtdCosminexus Web Contents Generator
IBM CorporationIBM JCE
IBM CorporationIBM JDK
IBM CorporationIBM JRE
Infoteria CorporationASTERIA R2 Flow Builder
Infoteria CorporationASTERIA R2 Server
NEC CorporationESMPRO/UPSManager
NEC CorporationPowerChute
Sun Microsystems, Inc.J2SE
Sun Microsystems, Inc.JCE
Cisco Systems, Inc.CiscoWorks Host Solution Engine (HSE)
FUJITSUPRIMERGY
Hitachi, LtdHA8000 Series
McAfeeMcAfee IntruShield
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000776.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The digital certificate that was used to sign jar files in the Java Cryptography Extension (JCE) 1.2.1 expires on July 28, 2005. JCE 1.2.1 limits program behaviors after the expiration of the digital certificate. As a result, specific methods of JCE 1.2.1 will no longer work properly after the expiration, and problems may occur, such as an application using JCE does not start.\r\n\r\nIf you use JCE in Java application development, please check the version of JCE used. If you use J2SE 1.2.x or J2SE 1.3.x to develop Java applications, JCE 1.2.1 may be included as an optional package.\r\n\r\nThis issue, caused by the expiration of the digital certificate, is not a vulnerability; however, we provide this JVN article to publicize the issue to users.\r\n\r\n*1 JPCERT/CC coordinated this issue based on the publicly available information.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000776.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:adobe:coldfusion",
      "@product": "Adobe ColdFusion",
      "@vendor": "Adobe Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:adobe:jrun",
      "@product": "Adobe JRun",
      "@vendor": "Adobe Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:apc:powerchute",
      "@product": "PowerChute",
      "@vendor": "Schneider Electric",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:bea:weblogic_express",
      "@product": "BEA WebLogic Express",
      "@vendor": "BEA Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:bea:weblogic_platform",
      "@product": "BEA WebLogic Platform",
      "@vendor": "BEA Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:bea:weblogic_server",
      "@product": "BEA WebLogic Server",
      "@vendor": "BEA Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cisco:wan_manager",
      "@product": "Cisco WAN Manager (CWM)",
      "@vendor": "Cisco Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cisco:wireless_lan_solution_engine",
      "@product": "CiscoWorks Wireless LAN Solution Engine (CWWLSE)",
      "@vendor": "Cisco Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_server",
      "@product": "Interstage Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:powerchute",
      "@product": "PowerChute",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_web_contents_generator",
      "@product": "Cosminexus Web Contents Generator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:java_jce",
      "@product": "IBM JCE",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:java_jdk",
      "@product": "IBM JDK",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:java_jre",
      "@product": "IBM JRE",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:infoteria_asteria_r2_flow_builder",
      "@product": "ASTERIA R2 Flow Builder",
      "@vendor": "Infoteria Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:infoteria_asteria_r2_server",
      "@product": "ASTERIA R2 Server",
      "@vendor": "Infoteria Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:nec:esmpro_upsmanager",
      "@product": "ESMPRO/UPSManager",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:nec:powerchute",
      "@product": "PowerChute",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:sun:j2se",
      "@product": "J2SE",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:sun:jce",
      "@product": "JCE",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:cisco:hosting_solution_engine",
      "@product": "CiscoWorks Host Solution Engine (HSE)",
      "@vendor": "Cisco Systems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:fujitsu:primergy",
      "@product": "PRIMERGY",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:hitachi:ha8000",
      "@product": "HA8000 Series",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:mcafee:intrushield_security_management_system",
      "@product": "McAfee IntruShield",
      "@vendor": "McAfee",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000776",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN93926203/index.html",
      "@id": "JVN#93926203",
      "@source": "JVN"
    },
    {
      "#text": "http://www.jpcert.or.jp/wr/2005/wr052701.txt",
      "@id": "JPCERT-WR-2005-2701",
      "@source": "JPCERT-WR"
    }
  ],
  "title": "Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate"
}

jvndb-2007-000701
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities
Details
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.
References
JVN http://jvn.jp/cert/JVNTA07-022A/index.html
JVNTR http://jvn.jp/tr/TRTA07-022A/index.html
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3794
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3794
CERT-SA http://www.us-cert.gov/cas/alerts/SA07-022A.html
CERT-TA http://www.us-cert.gov/cas/techalerts/TA07-022A.html
SECUNIA http://secunia.com/advisories/26025
BID http://www.securityfocus.com/bid/24905
XF http://xforce.iss.net/xforce/xfdb/36022
FRSIRT http://www.frsirt.com/english/advisories/2007/2534
Impacted products
Hitachi, LtdCosminexus Application Server
Hitachi, LtdCosminexus Client
Hitachi, LtdCosminexus Collaboration
Hitachi, LtdCosminexus Developer
Hitachi, LtdCosminexus Developer's Kit for Java(TM)
Hitachi, LtdCosminexus ERP Integrator
Hitachi, LtdCosminexus/OpenTP1
Hitachi, LtdCosminexus Server
Hitachi, LtdCosminexus Studio
Hitachi, LtdElectronic Form Workflow
Hitachi, LtdGroupmax Collaboration
Hitachi, LtdHitachi Developer's Kit for Java
Hitachi, LtdProcessing Kit for XML
Hitachi, LtduCosminexus Application Server
Hitachi, LtduCosminexus Client
Hitachi, LtduCosminexus Collaboration
Hitachi, LtduCosminexus Developer
Hitachi, LtduCosminexus ERP Integrator
Hitachi, LtduCosminexus/OpenTP1
Hitachi, LtduCosminexus Operator
Hitachi, LtduCosminexus Service
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_collaboration",
      "@product": "Cosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
      "@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
      "@product": "Cosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000701",
  "sec:references": [
    {
      "#text": "http://jvn.jp/cert/JVNTA07-022A/index.html",
      "@id": "JVNTA07-022A",
      "@source": "JVN"
    },
    {
      "#text": "http://jvn.jp/tr/TRTA07-022A/index.html",
      "@id": "TRTA07-022A",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3794",
      "@id": "CVE-2007-3794",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3794",
      "@id": "CVE-2007-3794",
      "@source": "NVD"
    },
    {
      "#text": "http://www.us-cert.gov/cas/alerts/SA07-022A.html",
      "@id": "SA07-022A",
      "@source": "CERT-SA"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html",
      "@id": "TA07-022A",
      "@source": "CERT-TA"
    },
    {
      "#text": "http://secunia.com/advisories/26025",
      "@id": "SA26025",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/24905",
      "@id": "24905",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/36022",
      "@id": "36022",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/2534",
      "@id": "FrSIRT/ADV-2007-2534",
      "@source": "FRSIRT"
    }
  ],
  "title": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Buffer Overflow Vulnerabilities"
}

jvndb-2007-000702
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities
Details
The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).
References
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758
SECUNIA http://secunia.com/advisories/26538
XF http://xforce.iss.net/xforce/xfdb/36618
FRSIRT http://www.frsirt.com/english/advisories/2007/3034
Buffer Errors(CWE-119) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Hitachi, LtdCosminexus Application Server
Hitachi, LtdCosminexus Client
Hitachi, LtdCosminexus Collaboration
Hitachi, LtdCosminexus Developer
Hitachi, LtdCosminexus Developer's Kit for Java(TM)
Hitachi, LtdCosminexus ERP Integrator
Hitachi, LtdCosminexus/OpenTP1
Hitachi, LtdCosminexus Server
Hitachi, LtdCosminexus Studio
Hitachi, LtdElectronic Form Workflow
Hitachi, LtdGroupmax Collaboration
Hitachi, LtdHitachi Developer's Kit for Java
Hitachi, LtdProcessing Kit for XML
Hitachi, LtduCosminexus Application Server
Hitachi, LtduCosminexus Client
Hitachi, LtduCosminexus Collaboration
Hitachi, LtduCosminexus Developer
Hitachi, LtduCosminexus ERP Integrator
Hitachi, LtduCosminexus/OpenTP1
Hitachi, LtduCosminexus Operator
Hitachi, LtduCosminexus Service
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The image-processing APIs in Cosminexus Developer\u0027s Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_collaboration",
      "@product": "Cosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
      "@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
      "@product": "Cosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000702",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758",
      "@id": "CVE-2007-4758",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758",
      "@id": "CVE-2007-4758",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/26538",
      "@id": "SA26538",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/36618",
      "@id": "36618",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/3034",
      "@id": "FrSIRT/ADV-2007-3034",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    }
  ],
  "title": "Cosminexus Developer\u0027s Kit for Java Buffer Overflow and Denial of Service Vulnerabilities"
}

jvndb-2009-002475
Vulnerability from jvndb
Published
2010-02-09 14:03
Modified
2010-02-09 14:03
Severity ?
() - -
Summary
Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java
Details
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.
References
Impacted products
Hitachi, LtdCosminexus Application Server
Hitachi, LtdCosminexus Client
Hitachi, LtdCosminexus Developer
Hitachi, LtdCosminexus/OpenTP1
Hitachi, LtdCosminexus Server
Hitachi, LtdCosminexus Studio
Hitachi, LtdElectronic Form Workflow
Hitachi, LtdGroupmax Collaboration
Hitachi, LtdHitachi Developer's Kit for Java
Hitachi, LtdProcessing Kit for XML
Hitachi, LtduCosminexus Application Server
Hitachi, LtduCosminexus Client
Hitachi, LtduCosminexus Collaboration
Hitachi, LtduCosminexus Developer
Hitachi, LtduCosminexus Navigation
Hitachi, LtduCosminexus/OpenTP1
Hitachi, LtduCosminexus Operator
Hitachi, LtduCosminexus Service
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
  "dc:date": "2010-02-09T14:03+09:00",
  "dcterms:issued": "2010-02-09T14:03+09:00",
  "dcterms:modified": "2010-02-09T14:03+09:00",
  "description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_navigation",
      "@product": "uCosminexus Navigation",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-002475",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-119",
    "@title": "Buffer Errors(CWE-119)"
  },
  "title": "Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java"
}

jvndb-2005-000183
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Apache Tomcat denial of service vulnerability
Details
Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies. Apache Tomcat contains a vulnerability that may allow a remote attacker to cause a denial of service (DoS).
References
JVN http://jvn.jp/en/jp/JVNDD18AD07/index.html
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0808
CERT-VN http://www.kb.cert.org/vuls/id/204710
BID http://www.securityfocus.com/bid/12795
Impacted products
Apache Software FoundationApache Tomcat
Hitachi, LtdCosminexus Server
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000183.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.\r\nApache Tomcat contains a vulnerability that may allow a remote attacker to cause a denial of service (DoS).",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000183.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:tomcat",
      "@product": "Apache Tomcat",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000183",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVNDD18AD07/index.html",
      "@id": "JVN#DD18AD07",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808",
      "@id": "CVE-2005-0808",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0808",
      "@id": "CVE-2005-0808",
      "@source": "NVD"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/204710",
      "@id": "VU#204710",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://www.securityfocus.com/bid/12795",
      "@id": "12795",
      "@source": "BID"
    }
  ],
  "title": "Apache Tomcat denial of service vulnerability"
}

jvndb-2007-000819
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2013-07-18 18:58
Severity ?
() - -
Summary
Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"
Details
mod_imap and mod_imagemap modules of the Apache HTTP Server are vulnerable to cross-site scripting. The Apache HTTP Server is open source web server software. The Apache HTTP Server modules mod_imap and mod_imagemap provide server-side imagemap processing capability. The Apache HTTP Server modules mod_imap and mod_imagemap are vulnerable to cross-site scripting.
References
JVN http://jvn.jp/en/jp/JVN80057925/index.html
JVNTR https://jvn.jp/en/tr/TRTA08-079A/index.html
JVNTR https://jvn.jp/en/tr/TRTA08-150A/index.html
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5000
SECUNIA http://secunia.com/advisories/28046
SECUNIA http://secunia.com/advisories/28073
FRSIRT http://www.frsirt.com/english/advisories/2007/4201
FRSIRT http://www.frsirt.com/english/advisories/2007/4202
Cross-site Scripting(CWE-79) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Apache Software FoundationApache HTTP Server
FUJITSUInterstage Application Framework Suite
FUJITSUInterstage Application Server
FUJITSUInterstage Apworks
FUJITSUInterstage Business Application Server
FUJITSUInterstage Job Workload Server
FUJITSUInterstage Studio
FUJITSUInterstage Web Server
FUJITSUSystemwalker Resource Coordinator
Hitachi, LtdCosminexus Application Server
Hitachi, LtdCosminexus Developer
Hitachi, LtdCosminexus Server
Hitachi, LtdHitachi Web Server
Hitachi, LtduCosminexus Application Server
Hitachi, LtduCosminexus Developer
Hitachi, LtduCosminexus Service
IBM CorporationIBM HTTP Server
Oracle CorporationOracle HTTP Server
Red Hat, Inc.Red Hat Application Stack
NEC CorporationWanBooster
Apple Inc.Apple Mac OS X
Apple Inc.Apple Mac OS X Server
Hewlett-Packard Development Company,L.PHP-UX
Cybertrust Japan Co., Ltd.Asianux Server
Red Hat, Inc.Red Hat Enterprise Linux
Red Hat, Inc.Red Hat Enterprise Linux Desktop
Red Hat, Inc.Red Hat Linux Advanced Workstation
Red Hat, Inc.RHEL Desktop Workstation
Sun Microsystems, Inc.Sun Solaris
Turbolinux, Inc.Turbolinux Appliance Server
Turbolinux, Inc.Turbolinux FUJI
Turbolinux, Inc.Turbolinux Multimedia
Turbolinux, Inc.Turbolinux Personal
Turbolinux, Inc.Turbolinux Server
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000819.html",
  "dc:date": "2013-07-18T18:58+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2013-07-18T18:58+09:00",
  "description": "mod_imap and mod_imagemap modules of the Apache HTTP Server are vulnerable to cross-site scripting.\r\n\r\nThe Apache HTTP Server is open source web server software. The Apache HTTP Server modules mod_imap and mod_imagemap provide server-side imagemap processing capability.\r\nThe Apache HTTP Server modules mod_imap and mod_imagemap are vulnerable to cross-site scripting.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000819.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:http_server",
      "@product": "Apache HTTP Server",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_framework_suite",
      "@product": "Interstage Application Framework Suite",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_server",
      "@product": "Interstage Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_apworks",
      "@product": "Interstage Apworks",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_business_application_server",
      "@product": "Interstage Business Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_job_workload_server",
      "@product": "Interstage Job Workload Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_studio",
      "@product": "Interstage Studio",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_web_server",
      "@product": "Interstage Web Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
      "@product": "Systemwalker Resource Coordinator",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:http_server",
      "@product": "IBM HTTP Server",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:oracle:http_server",
      "@product": "Oracle HTTP Server",
      "@vendor": "Oracle Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:redhat:rhel_application_stack",
      "@product": "Red Hat Application Stack",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:nec:wanbooster",
      "@product": "WanBooster",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x",
      "@product": "Apple Mac OS X",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x_server",
      "@product": "Apple Mac OS X Server",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:hp:hp-ux",
      "@product": "HP-UX",
      "@vendor": "Hewlett-Packard Development Company,L.P",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:linux_advanced_workstation",
      "@product": "Red Hat Linux Advanced Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:rhel_desktop_workstation",
      "@product": "RHEL Desktop Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:sun:solaris",
      "@product": "Sun Solaris",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
      "@product": "Turbolinux Appliance Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_fuji",
      "@product": "Turbolinux FUJI",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000819",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN80057925/index.html",
      "@id": "JVN#80057925",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/tr/TRTA08-079A/index.html",
      "@id": "TRTA08-079A",
      "@source": "JVNTR"
    },
    {
      "#text": "https://jvn.jp/en/tr/TRTA08-150A/index.html",
      "@id": "TRTA08-150A",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000",
      "@id": "CVE-2007-5000",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5000",
      "@id": "CVE-2007-5000",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/28046",
      "@id": "SA28046",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://secunia.com/advisories/28073",
      "@id": "SA28073",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/4201",
      "@id": "FrSIRT/ADV-2007-4201",
      "@source": "FRSIRT"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/4202",
      "@id": "FrSIRT/ADV-2007-4202",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Cross-site scripting vulnerability in Apache HTTP Server \"mod_imap\" and \"mod_imagemap\""
}

jvndb-2009-001544
Vulnerability from jvndb
Published
2009-07-07 11:12
Modified
2009-07-07 11:12
Severity ?
() - -
Summary
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process
Details
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.
References
Impacted products
Hitachi, LtdCosminexus Application Server
Hitachi, LtdCosminexus Client
Hitachi, LtdCosminexus Developer
Hitachi, LtdCosminexus/OpenTP1
Hitachi, LtdCosminexus Server
Hitachi, LtdCosminexus Studio
Hitachi, LtdElectronic Form Workflow
Hitachi, LtdGroupmax Collaboration
Hitachi, LtdHitachi Developer's Kit for Java
Hitachi, LtdProcessing Kit for XML
Hitachi, LtduCosminexus Application Server
Hitachi, LtduCosminexus Client
Hitachi, LtduCosminexus Collaboration
Hitachi, LtduCosminexus Developer
Hitachi, LtduCosminexus/OpenTP1
Hitachi, LtduCosminexus Operator
Hitachi, LtduCosminexus Service
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
  "dc:date": "2009-07-07T11:12+09:00",
  "dcterms:issued": "2009-07-07T11:12+09:00",
  "dcterms:modified": "2009-07-07T11:12+09:00",
  "description": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "10.0",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-001544",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process"
}