Vulnerability Description
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows | All versions |
| Hitachi | Cosminexus Application Server | 05_00_05_00_h |
| Hitachi | Cosminexus Client | 06_00_06_00_g |
| Hitachi | Cosminexus Developer | 05_00_05_00_h |
| Hitachi | Cosminexus Server | 04_00_04_00_a |
| Hitachi | Cosminexus Studio | 04_00_04_00_a |
| Hitachi | Ucosminexus Application Server | 06_70_06_70_a |
| Hitachi | Ucosminexus Client | 06_70_06_70_b |
| Hitachi | Ucosminexus Developer | 06_70_06_70_b |
| Hitachi | Ucosminexus Operator | 07_00_07_20 |
| Hitachi | Ucosminexus Service Architect | 07_00_07_20 |
| Hitachi | Ucosminexus Service Platform | 07_00_07_20 |
| Linux | Linux Kernel | All versions |
| Hp | Hp-Ux | All versions |
| Ibm | Aix | All versions |
| Sun | Solaris | All versions |
References
- http://osvdb.org/37851
- http://secunia.com/advisories/26025Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html
- http://www.securityfocus.com/bid/24905
- http://www.vupen.com/english/advisories/2007/2534
- http://osvdb.org/37851
- http://secunia.com/advisories/26025Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html
- http://www.securityfocus.com/bid/24905
- http://www.vupen.com/english/advisories/2007/2534
FAQ
What is CVE-2007-3794?
CVE-2007-3794 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers...
How severe is CVE-2007-3794?
CVE-2007-3794 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3794?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows, Hitachi Cosminexus Application Server, Hitachi Cosminexus Client, Hitachi Cosminexus Developer, Hitachi Cosminexus Server.