All the vulnerabilites related to Hitachi, Ltd - Electronic Form Workflow
jvndb-2007-000701
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities
Details
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java may suffer from buffer overflow when a Java application handles GIF images with the image-processing APIs.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000701.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_client",
"@product": "Cosminexus Client ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_collaboration",
"@product": "Cosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer",
"@product": "Cosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
"@product": "Cosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_opentp1",
"@product": "Cosminexus/OpenTP1",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server",
"@product": "Cosminexus Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_studio",
"@product": "Cosminexus Studio",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration",
"@product": "Groupmax Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"@product": "Hitachi Developer\u0027s Kit for Java",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:processing_kit_for_xml",
"@product": "Processing Kit for XML",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_client",
"@product": "uCosminexus Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration",
"@product": "uCosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
"@product": "uCosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_opentp1",
"@product": "uCosminexus/OpenTP1 ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_operator",
"@product": "uCosminexus Operator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000701",
"sec:references": [
{
"#text": "http://jvn.jp/cert/JVNTA07-022A/index.html",
"@id": "JVNTA07-022A",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/tr/TRTA07-022A/index.html",
"@id": "TRTA07-022A",
"@source": "JVNTR"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3794",
"@id": "CVE-2007-3794",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3794",
"@id": "CVE-2007-3794",
"@source": "NVD"
},
{
"#text": "http://www.us-cert.gov/cas/alerts/SA07-022A.html",
"@id": "SA07-022A",
"@source": "CERT-SA"
},
{
"#text": "http://www.us-cert.gov/cas/techalerts/TA07-022A.html",
"@id": "TA07-022A",
"@source": "CERT-TA"
},
{
"#text": "http://secunia.com/advisories/26025",
"@id": "SA26025",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/24905",
"@id": "24905",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/36022",
"@id": "36022",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/2534",
"@id": "FrSIRT/ADV-2007-2534",
"@source": "FRSIRT"
}
],
"title": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Buffer Overflow Vulnerabilities"
}
jvndb-2007-001133
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus Component Container Session Handling Vulnerability
Details
The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user's session data to be used as aonther user's session data.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001133.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user\u0027s session data to be used as aonther user\u0027s session data.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001133.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_collaboration",
"@product": "Cosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_component_container",
"@product": "Cosminexus Component Container",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer",
"@product": "Cosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
"@product": "Cosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_opentp1",
"@product": "Cosminexus/OpenTP1",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration",
"@product": "Groupmax Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration",
"@product": "uCosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
"@product": "uCosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_opentp1",
"@product": "uCosminexus/OpenTP1 ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.9",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-001133",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4124",
"@id": "CVE-2007-4124",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4124",
"@id": "CVE-2007-4124",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/26250",
"@id": "SA26250",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/25145",
"@id": "25145",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/35706",
"@id": "35706",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/2725",
"@id": "FrSIRT/ADV-2007-2725",
"@source": "FRSIRT"
}
],
"title": "Cosminexus Component Container Session Handling Vulnerability"
}
jvndb-2008-000016
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-10-09 13:35
Summary
Sun Java Runtime Environment (JRE) contains a vulnerability in processing XSLT transformations
Details
The Sun Microsystems Java Runtime Environment (JRE) contains a vulnerability that could allow privilege escalation in the processing of XSLT transformations.
The Sun Microsystems Java Runtime Environment (JRE) contains a vulnerability that could allow a remote attacker to elevate its privileges via an untrusted applet or application that is downloaded from a website to perform XSLT transformations on XML documents.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000016.html",
"dc:date": "2008-10-09T13:35+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-10-09T13:35+09:00",
"description": "The Sun Microsystems Java Runtime Environment (JRE) contains a vulnerability that could allow privilege escalation in the processing of XSLT transformations.\r\n\r\nThe Sun Microsystems Java Runtime Environment (JRE) contains a vulnerability that could allow a remote attacker to elevate its privileges via an untrusted applet or application that is downloaded from a website to perform XSLT transformations on XML documents.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000016.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_client",
"@product": "uCosminexus Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_operator",
"@product": "uCosminexus Operator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:redhat:enterprise_linux",
"@product": "Red Hat Enterprise Linux Extras",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:redhat:rhel_desktop_supplementary",
"@product": "RHEL Desktop Supplementary",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:redhat:rhel_supplementary",
"@product": "RHEL Supplementary",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:sun:jdk",
"@product": "JDK",
"@vendor": "Sun Microsystems, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:sun:jre",
"@product": "JRE",
"@vendor": "Sun Microsystems, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:sun:sdk",
"@product": "SDK",
"@vendor": "Sun Microsystems, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:apple:mac_os_x",
"@product": "Apple Mac OS X",
"@vendor": "Apple Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:apple:mac_os_x_server",
"@product": "Apple Mac OS X Server",
"@vendor": "Apple Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:misc:miraclelinux_asianux_server",
"@product": "Asianux Server",
"@vendor": "Cybertrust Japan Co., Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000016",
"sec:references": [
{
"#text": "http://jvn.jp/cert/JVNTA08-066A/index.html",
"@id": "JVNTA08-066A",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/en/jp/JVN04032535/index.html",
"@id": "JVN#04032535",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/tr/TRTA08-066A/index.html",
"@id": "TRTA08-066A",
"@source": "JVNTR"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1187",
"@id": "CVE-2008-1187",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1187",
"@id": "CVE-2008-1187",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/200803_JRE_press_en.html",
"@id": "Security Alert for Vulnerability In Sun JRE (Java Runtime Environment) XSLT Transformations",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.us-cert.gov/cas/alerts/SA08-066A.html",
"@id": "SA08-066A",
"@source": "CERT-SA"
},
{
"#text": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html",
"@id": "TA08-066A",
"@source": "CERT-TA"
},
{
"#text": "http://secunia.com/advisories/29273",
"@id": "SA29273",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/28083",
"@id": "28083",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/41025",
"@id": "41025",
"@source": "XF"
},
{
"#text": "http://www.securitytracker.com/id?1019548",
"@id": "1019548",
"@source": "SECTRACK"
},
{
"#text": "http://www.frsirt.com/english/advisories/2008/0770",
"@id": "FrSIRT/ADV-2008-0770",
"@source": "FRSIRT"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html",
"@id": "JVNDB-2008-000016",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "Sun Java Runtime Environment (JRE) contains a vulnerability in processing XSLT transformations"
}
jvndb-2009-001893
Vulnerability from jvndb
Published
2009-08-25 10:50
Modified
2009-08-25 10:50
Summary
Hitachi Business Logic Cross-Site Scripting Vulnerability
Details
Hitachi Business Logic is vulnerable to cross-site scripting.
References
| ▼ | Type | URL |
|---|---|---|
| VUPEN | http://www.vupen.com/english/advisories/2009/2011 | |
| Cross-site Scripting(CWE-79) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001893.html",
"dc:date": "2009-08-25T10:50+09:00",
"dcterms:issued": "2009-08-25T10:50+09:00",
"dcterms:modified": "2009-08-25T10:50+09:00",
"description": "Hitachi Business Logic is vulnerable to cross-site scripting.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001893.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:business_logic",
"@product": "Hitachi Business Logic",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-001893",
"sec:references": [
{
"#text": "http://www.vupen.com/english/advisories/2009/2011",
"@id": "VUPEN/ADV-2009-2011",
"@source": "VUPEN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Hitachi Business Logic Cross-Site Scripting Vulnerability"
}
jvndb-2010-002468
Vulnerability from jvndb
Published
2010-12-14 15:21
Modified
2010-12-14 15:21
Summary
EUR Form Client Arbitrary File Execution Vulnerability
Details
EUR Form Client has an arbitrary file execution vulnerability.
References
| ▼ | Type | URL |
|---|---|---|
| CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4773 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2010-4773 | |
| No Mapping(CWE-noinfo) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-002468.html",
"dc:date": "2010-12-14T15:21+09:00",
"dcterms:issued": "2010-12-14T15:21+09:00",
"dcterms:modified": "2010-12-14T15:21+09:00",
"description": "EUR Form Client has an arbitrary file execution vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-002468.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:eur_form_client",
"@product": "EUR Form Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:eur_form_service",
"@product": "EUR Form Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_eur_form_service",
"@product": "uCosminexus EUR Form Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-002468",
"sec:references": [
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4773",
"@id": "CVE-2010-4773",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2010-4773",
"@id": "CVE-2010-4773",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "EUR Form Client Arbitrary File Execution Vulnerability"
}
jvndb-2009-001545
Vulnerability from jvndb
Published
2009-07-07 11:12
Modified
2009-07-07 11:12
Summary
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Zip File Scanning Utility
Details
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java
have a vulnerability that allows unauthorized access through a zip file
scanning API.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001545.html",
"dc:date": "2009-07-07T11:12+09:00",
"dcterms:issued": "2009-07-07T11:12+09:00",
"dcterms:modified": "2009-07-07T11:12+09:00",
"description": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java\r\nhave a vulnerability that allows unauthorized access through a zip file\r\nscanning API.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001545.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"@product": "Hitachi Developer\u0027s Kit for Java",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:processing_kit_for_xml",
"@product": "Processing Kit for XML",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-001545",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
},
"title": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Possible Unauthorized Access through Zip File Scanning Utility"
}
jvndb-2010-001088
Vulnerability from jvndb
Published
2010-03-03 12:00
Modified
2010-03-03 12:00
Summary
uCosminexus Portal Framework Cross-Site Scripting Vulnerability
Details
uCosminexus Portal Framework has a cross-site scripting vulnerability.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001088.html",
"dc:date": "2010-03-03T12:00+09:00",
"dcterms:issued": "2010-03-03T12:00+09:00",
"dcterms:modified": "2010-03-03T12:00+09:00",
"description": "uCosminexus Portal Framework has a cross-site scripting vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001088.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_collaboration_portal",
"@product": "Cosminexus Collaboration Portal",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_portal_framework",
"@product": "Cosminexus Portal Framework",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration_portal",
"@product": "Groupmax Collaboration Portal",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration_web_client",
"@product": "Groupmax Collaboration Web Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration_web_client_mail_schedule",
"@product": "Groupmax Collaboration Web Client - Mail/Schedule",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:jp1_integrated_management",
"@product": "JP1/Integrated Management",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration_portal",
"@product": "uCosminexus Collaboration Portal",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_content_manager",
"@product": "uCosminexus Content Manager",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_electronic_form_workflow",
"@product": "uCosminexus Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_navigation",
"@product": "uCosminexus Navigation",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_portal_framework",
"@product": "uCosminexus Portal Framework",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-001088",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
},
"title": "uCosminexus Portal Framework Cross-Site Scripting Vulnerability"
}
jvndb-2007-000702
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities
Details
The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The image-processing APIs in Cosminexus Developer\u0027s Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_client",
"@product": "Cosminexus Client ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_collaboration",
"@product": "Cosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer",
"@product": "Cosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
"@product": "Cosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_opentp1",
"@product": "Cosminexus/OpenTP1",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server",
"@product": "Cosminexus Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_studio",
"@product": "Cosminexus Studio",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration",
"@product": "Groupmax Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"@product": "Hitachi Developer\u0027s Kit for Java",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:processing_kit_for_xml",
"@product": "Processing Kit for XML",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_client",
"@product": "uCosminexus Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration",
"@product": "uCosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
"@product": "uCosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_opentp1",
"@product": "uCosminexus/OpenTP1 ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_operator",
"@product": "uCosminexus Operator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000702",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758",
"@id": "CVE-2007-4758",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758",
"@id": "CVE-2007-4758",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/26538",
"@id": "SA26538",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/36618",
"@id": "36618",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/3034",
"@id": "FrSIRT/ADV-2007-3034",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Cosminexus Developer\u0027s Kit for Java Buffer Overflow and Denial of Service Vulnerabilities"
}
jvndb-2009-001033
Vulnerability from jvndb
Published
2009-03-02 17:38
Modified
2009-03-02 17:38
Summary
Multiple Vulnerabilities in uCosminexus Portal Framework
Details
uCosminexus Portal Framework contains multiple vulnerabilities.
References
| ▼ | Type | URL |
|---|---|---|
| JVNDB_Ja | http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001033.html | |
| No Mapping(CWE-noinfo) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001033.html",
"dc:date": "2009-03-02T17:38+09:00",
"dcterms:issued": "2009-03-02T17:38+09:00",
"dcterms:modified": "2009-03-02T17:38+09:00",
"description": "uCosminexus Portal Framework contains multiple vulnerabilities.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001033.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_collaboration_portal",
"@product": "Cosminexus Collaboration Portal",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_portal_framework",
"@product": "Cosminexus Portal Framework",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration_portal",
"@product": "Groupmax Collaboration Portal",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration_web_client",
"@product": "Groupmax Collaboration Web Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:jp1_integrated_management",
"@product": "JP1/Integrated Management",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration_portal",
"@product": "uCosminexus Collaboration Portal",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_content_manager",
"@product": "uCosminexus Content Manager",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_portal_framework",
"@product": "uCosminexus Portal Framework",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-001033",
"sec:references": [
{
"#text": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001033.html",
"@id": "JVNDB-2009-001033",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Multiple Vulnerabilities in uCosminexus Portal Framework"
}
jvndb-2009-002475
Vulnerability from jvndb
Published
2010-02-09 14:03
Modified
2010-02-09 14:03
Summary
Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java
Details
Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
"dc:date": "2010-02-09T14:03+09:00",
"dcterms:issued": "2010-02-09T14:03+09:00",
"dcterms:modified": "2010-02-09T14:03+09:00",
"description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_client",
"@product": "Cosminexus Client ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer",
"@product": "Cosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_opentp1",
"@product": "Cosminexus/OpenTP1",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server",
"@product": "Cosminexus Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_studio",
"@product": "Cosminexus Studio",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration",
"@product": "Groupmax Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"@product": "Hitachi Developer\u0027s Kit for Java",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:processing_kit_for_xml",
"@product": "Processing Kit for XML",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_client",
"@product": "uCosminexus Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration",
"@product": "uCosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_navigation",
"@product": "uCosminexus Navigation",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_opentp1",
"@product": "uCosminexus/OpenTP1 ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_operator",
"@product": "uCosminexus Operator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-002475",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
},
"title": "Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java"
}
jvndb-2007-001091
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus Application Server Incorrect Group Permission Handling Vulnerability
Details
When a logical J2EE server or logical user server is started from Cosminexus Manager in Cosminexus Application Server, Cosminexus Manager may assign the wrong user's group permissions to an activated server process.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001091.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "When a logical J2EE server or logical user server is started from Cosminexus Manager in Cosminexus Application Server, Cosminexus Manager may assign the wrong user\u0027s group permissions to an activated server process.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001091.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.6",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-001091",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4564",
"@id": "CVE-2007-4564",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4564",
"@id": "CVE-2007-4564",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/26589",
"@id": "SA26589",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/25434",
"@id": "25434",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/36245",
"@id": "36245",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "Cosminexus Application Server Incorrect Group Permission Handling Vulnerability"
}
jvndb-2010-001874
Vulnerability from jvndb
Published
2010-09-01 14:11
Modified
2010-09-01 14:11
Summary
Denial of Service (DoS) Vulnerability in Cosminexus
Details
Cosminexus series products contain a vulnerability that could cause a denial of service (DoS) condition when receiving unexpected data.
After it abends, the service can be restarted by rebooting the system.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001874.html",
"dc:date": "2010-09-01T14:11+09:00",
"dcterms:issued": "2010-09-01T14:11+09:00",
"dcterms:modified": "2010-09-01T14:11+09:00",
"description": "Cosminexus series products contain a vulnerability that could cause a denial of service (DoS) condition when receiving unexpected data.\r\nAfter it abends, the service can be restarted by rebooting the system.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001874.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_developer",
"@product": "Cosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:documentbroker",
"@product": "DocumentBroker",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_navigation",
"@product": "uCosminexus Navigation",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_reporting_base",
"@product": "uCosminexus Reporting Base",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_si_navigation_system",
"@product": "uCosminexus SI Navigation System",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-001874",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
},
"title": "Denial of Service (DoS) Vulnerability in Cosminexus"
}
jvndb-2010-001395
Vulnerability from jvndb
Published
2010-05-18 11:33
Modified
2010-05-18 11:33
Summary
Several EUR Form/EUR Products Arbitrary Code Execution Vulnerability
Details
An arbitrary code execution vulnerability exists in several EUR Form and EUR products.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001395.html",
"dc:date": "2010-05-18T11:33+09:00",
"dcterms:issued": "2010-05-18T11:33+09:00",
"dcterms:modified": "2010-05-18T11:33+09:00",
"description": "An arbitrary code execution vulnerability exists in several EUR Form and EUR products.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001395.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:eur_form_client",
"@product": "EUR Form Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:eur_form_service",
"@product": "EUR Form Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:eur_professional",
"@product": "EUR Professional Edition",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_eur_developer",
"@product": "uCosminexus EUR Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_eur_form_control",
"@product": "uCosminexus EUR Form Control",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_eur_form_service",
"@product": "uCosminexus EUR Form Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-001395",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
},
"title": "Several EUR Form/EUR Products Arbitrary Code Execution Vulnerability"
}
jvndb-2009-001544
Vulnerability from jvndb
Published
2009-07-07 11:12
Modified
2009-07-07 11:12
Summary
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process
Details
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
"dc:date": "2009-07-07T11:12+09:00",
"dcterms:issued": "2009-07-07T11:12+09:00",
"dcterms:modified": "2009-07-07T11:12+09:00",
"description": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_application_server",
"@product": "Cosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_client",
"@product": "Cosminexus Client ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer",
"@product": "Cosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_opentp1",
"@product": "Cosminexus/OpenTP1",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server",
"@product": "Cosminexus Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_studio",
"@product": "Cosminexus Studio",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:groupmax_collaboration",
"@product": "Groupmax Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"@product": "Hitachi Developer\u0027s Kit for Java",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:processing_kit_for_xml",
"@product": "Processing Kit for XML",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_client",
"@product": "uCosminexus Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_collaboration",
"@product": "uCosminexus Collaboration",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_opentp1",
"@product": "uCosminexus/OpenTP1 ",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_operator",
"@product": "uCosminexus Operator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-001544",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
},
"title": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process"
}
jvndb-2007-000700
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Cosminexus javadoc Cross-Site Scripting Vulnerability
Details
The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000700.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000700.html",
"sec:cpe": [
{
"#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:electronic_form_workflow",
"@product": "Electronic Form Workflow",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server",
"@product": "uCosminexus Application Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_client",
"@product": "uCosminexus Client",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
"@product": "uCosminexus ERP Integrator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_operator",
"@product": "uCosminexus Operator",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service",
"@product": "uCosminexus Service",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000700",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4760",
"@id": "CVE-2007-4760",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4760",
"@id": "CVE-2007-4760",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/26671",
"@id": "SA26671",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/25518",
"@id": "25518",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/36393",
"@id": "36393",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/3033",
"@id": "FrSIRT/ADV-2007-3033",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Cosminexus javadoc Cross-Site Scripting Vulnerability"
}