jvndb - jvndb-2009-001544

jvndb-2009-001544

Vulnerability from jvndb

Published

2009-07-07 11:12

Modified

2009-07-07 11:12

Severity ?

() - -

Summary

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process

Details

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.

References

▼	Type	URL

Impacted products

▼	Vendor	Product
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
   "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
   "dc:date": "2009-07-07T11:12+09:00",
   "dcterms:issued": "2009-07-07T11:12+09:00",
   "dcterms:modified": "2009-07-07T11:12+09:00",
   description: "Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.",
   link: "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
   "sec:cpe": [
      {
         "#text": "cpe:/a:hitachi:cosminexus_application_server",
         "@product": "Cosminexus Application Server",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_client",
         "@product": "Cosminexus Client ",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_developer",
         "@product": "Cosminexus Developer",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_opentp1",
         "@product": "Cosminexus/OpenTP1",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_server",
         "@product": "Cosminexus Server",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_studio",
         "@product": "Cosminexus Studio",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:electronic_form_workflow",
         "@product": "Electronic Form Workflow",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:groupmax_collaboration",
         "@product": "Groupmax Collaboration",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
         "@product": "Hitachi Developer's Kit for Java",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:processing_kit_for_xml",
         "@product": "Processing Kit for XML",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_application_server",
         "@product": "uCosminexus Application Server",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_client",
         "@product": "uCosminexus Client",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
         "@product": "uCosminexus Collaboration",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_developer",
         "@product": "uCosminexus Developer",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
         "@product": "uCosminexus/OpenTP1 ",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_operator",
         "@product": "uCosminexus Operator",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:ucosminexus_service",
         "@product": "uCosminexus Service",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
   ],
   "sec:cvss": {
      "@score": "10.0",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
      "@version": "2.0",
   },
   "sec:identifier": "JVNDB-2009-001544",
   "sec:references": {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)",
   },
   title: "Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process",
}

jvndb-2009-001544

Vulnerability from jvndb

Tags

Sightings

Nomenclature

Action not permitted

jvndb-2009-001544

Vulnerability from jvndb

Tags

Sightings

Nomenclature