Details of VAR-200707-0286

ID

VAR-200707-0286

CVE

CVE-2007-3794

TITLE

Multiple Hitachi Products GIF Image Buffer Overflow Vulnerability

Trust: 0.9

sources: BID: 24905 // CNNVD: CNNVD-200707-260

DESCRIPTION

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. Multiple Hitachi products are prone to a buffer-overflow vulnerability because the applications fail to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Given the nature of this issue, successful exploits may lead to remote code execution, but this has not been confirmed. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. The vulnerability is caused due to an boundary error within the handling of GIF files and can be exploited to cause a buffer overflow. No further information is currently available. Please see vendor advisory for affected products and versions. SOLUTION: Update to the latest versions (please see vendor advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2007-3794 // JVNDB: JVNDB-2007-000701 // BID: 24905 // PACKETSTORM: 57727

AFFECTED PRODUCTS

vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	05_05_05_05_o	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_71_06_71_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_05_05_05_l	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	06_51_06_51_g	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	06_00_06_00_g	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_70_06_70_d	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_00_06_00_d	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_02_05_02_e	Trust: 1.0
vendor:	hitachi	model:	cosminexus server	scope:	eq	version:	04_01_04_01_a	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_02_06_02_f	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	07_10	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_00_06_00_e	Trust: 1.0
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	06_50_06_50_e	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	06_02_06_02_f	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_05_05_00_o	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_50_06_50_d	Trust: 1.0
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	07_10	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_01_05_01_k	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	05_05_05_05_o	Trust: 1.0
vendor:	hitachi	model:	ucosminexus client	scope:	eq	version:	07_00_07_20	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	05_01_05_01_k	Trust: 1.0
vendor:	hitachi	model:	ucosminexus operator	scope:	eq	version:	07_00_07_20	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_70_06_70_c	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_00_05_00_r	Trust: 1.0
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	04_01_04_01_a	Trust: 1.0
vendor:	hitachi	model:	ucosminexus client	scope:	eq	version:	06_70_06_70_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_50_06_50_c	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_50_06_50_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_50_06_50_e	Trust: 1.0
vendor:	hitachi	model:	cosminexus server	scope:	eq	version:	04_00_04_00_a	Trust: 1.0
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	06_51_06_51_g	Trust: 1.0
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	06_00_06_00_g	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_00_06_00_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	06_50_06_50_e	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	07_00_07_20	Trust: 1.0
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	06_70_06_70_b	Trust: 1.0
vendor:	hitachi	model:	ucosminexus client	scope:	eq	version:	06_71_06_71_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_51_06_51_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_00_06_00_a	Trust: 1.0
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	06_02_06_02_f	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_70_06_70_a	Trust: 1.0
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	07_00_07_20	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_70_06_70_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_05_05_05_h	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_70_06_70_h	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	07_00	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	06_70_06_72	Trust: 1.0
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	07_00_07_10	Trust: 1.0
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	06_71_06_71_b	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	05_00_05_00_h	Trust: 1.0
vendor:	hitachi	model:	ucosminexus service architect	scope:	eq	version:	07_00_07_20	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_51_06_51_c	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_51_06_51_g	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_00_06_00_g	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	06_50_06_50_f	Trust: 1.0
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	04_00_04_00_a	Trust: 1.0
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	07_00_07_10	Trust: 1.0
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	05_00_05_00_h	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	enterprise version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	standard version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus collaboration	scope:	eq	version:	server	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	light version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	professional version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	standard version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer's kit for java	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus erp integrator	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus server	scope:	eq	version:	standard edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus server	scope:	eq	version:	web edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	standard edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	web edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus/opentp1	scope:	eq	version:	web front-end set	Trust: 0.8
vendor:	hitachi	model:	electronic form workflow	scope:	eq	version:	developer client set	Trust: 0.8
vendor:	hitachi	model:	electronic form workflow	scope:	eq	version:	professional library set	Trust: 0.8
vendor:	hitachi	model:	electronic form workflow	scope:	eq	version:	standard set	Trust: 0.8
vendor:	hitachi	model:	groupmax collaboration	scope:	eq	version:	server	Trust: 0.8
vendor:	hitachi	model:	developer's kit for java	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	processing kit for xml	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	enterprise	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	standard	Trust: 0.8
vendor:	hitachi	model:	ucosminexus client	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus collaboration	scope:	eq	version:	server	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	light	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	standard	Trust: 0.8
vendor:	hitachi	model:	ucosminexus erp integrator	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus operator	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service	scope:	eq	version:	architect	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service	scope:	eq	version:	platform	Trust: 0.8
vendor:	hitachi	model:	ucosminexus/opentp1	scope:	eq	version:	web front-end set	Trust: 0.8
vendor:	microsoft	model:	windows	scope:	-	version:	-	Trust: 0.6
vendor:	ibm	model:	xl c/c++ enterprise edition for aix	scope:	eq	version:	v80	Trust: 0.3
vendor:	ibm	model:	xl c/c++ enterprise edition for aix	scope:	eq	version:	v70	Trust: 0.3
vendor:	hitachi	model:	ucosminexus/opentp1 web front-end set	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus service architect	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus operator	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus erp integrator	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus developer standard	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus developer professional	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus developer light	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus collaboration server	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus client	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus application server standard	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	ucosminexus application server enterprise	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	processing kit for xml	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	groupmax collaboration server	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	electronic form workflow standard set	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	electronic form workflow professional library set	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	electronic form workflow developer client set	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	developer's kit for java	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus/opentp1 web front-end set	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus studio web edition	scope:	eq	version:	4	Trust: 0.3
vendor:	hitachi	model:	cosminexus studio standard edition	scope:	eq	version:	4	Trust: 0.3
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	5	Trust: 0.3
vendor:	hitachi	model:	cosminexus server web edition	scope:	eq	version:	4	Trust: 0.3
vendor:	hitachi	model:	cosminexus server standard edition	scope:	eq	version:	4	Trust: 0.3
vendor:	hitachi	model:	cosminexus erp integrator	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus developer standard	scope:	eq	version:	6	Trust: 0.3
vendor:	hitachi	model:	cosminexus developer professional	scope:	eq	version:	6	Trust: 0.3
vendor:	hitachi	model:	cosminexus developer light	scope:	eq	version:	6	Trust: 0.3
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	5	Trust: 0.3
vendor:	hitachi	model:	cosminexus collaboration server	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	6	Trust: 0.3
vendor:	hitachi	model:	cosminexus application server standard	scope:	eq	version:	6	Trust: 0.3
vendor:	hitachi	model:	cosminexus application server enterprise	scope:	eq	version:	6	Trust: 0.3
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	5	Trust: 0.3

sources: BID: 24905 // JVNDB: JVNDB-2007-000701 // CNNVD: CNNVD-200707-260 // NVD: CVE-2007-3794

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-3794
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2007-000701
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200707-260
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2007-3794
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IPA:	JVNDB-2007-000701
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

sources: JVNDB: JVNDB-2007-000701 // CNNVD: CNNVD-200707-260 // NVD: CVE-2007-3794

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3794

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200707-260

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200707-260

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000701

PATCH

title:

HS07-018

url:

http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-000701

EXTERNAL IDS

db:	NVD	id:	CVE-2007-3794	Trust: 2.7
db:	BID	id:	24905	Trust: 2.7
db:	SECUNIA	id:	26025	Trust: 2.6
db:	HITACHI	id:	HS07-018	Trust: 2.0
db:	VUPEN	id:	ADV-2007-2534	Trust: 1.6
db:	OSVDB	id:	37851	Trust: 1.6
db:	USCERT	id:	SA07-022A	Trust: 0.8
db:	USCERT	id:	TA07-022A	Trust: 0.8
db:	XF	id:	36022	Trust: 0.8
db:	JVNDB	id:	JVNDB-2007-000701	Trust: 0.8
db:	CNNVD	id:	CNNVD-200707-260	Trust: 0.6
db:	PACKETSTORM	id:	57727	Trust: 0.1

sources: BID: 24905 // JVNDB: JVNDB-2007-000701 // PACKETSTORM: 57727 // CNNVD: CNNVD-200707-260 // NVD: CVE-2007-3794

REFERENCES

url:	http://secunia.com/advisories/26025	Trust: 2.4
url:	http://www.securityfocus.com/bid/24905	Trust: 2.4
url:	http://www.hitachi-support.com/security_e/vuls_e/hs07-018_e/index-e.html	Trust: 2.0
url:	http://osvdb.org/37851	Trust: 1.6
url:	http://www.frsirt.com/english/advisories/2007/2534	Trust: 1.4
url:	http://www.vupen.com/english/advisories/2007/2534	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3794	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/36022	Trust: 0.8
url:	http://jvn.jp/cert/jvnta07-022a/index.html	Trust: 0.8
url:	http://jvn.jp/tr/trta07-022a/index.html	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-3794	Trust: 0.8
url:	http://www.us-cert.gov/cas/alerts/sa07-022a.html	Trust: 0.8
url:	http://www.us-cert.gov/cas/techalerts/ta07-022a.html	Trust: 0.8
url:	http://www.hds.com/products/storage-software/hitachi-device-manager.html	Trust: 0.3
url:	http://secunia.com/advisories/26025/	Trust: 0.1
url:	http://secunia.com/product/13823/	Trust: 0.1
url:	http://secunia.com/product/4393/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/14787/	Trust: 0.1
url:	http://secunia.com/network_software_inspector/	Trust: 0.1
url:	http://secunia.com/product/14786/	Trust: 0.1
url:	http://secunia.com/product/5795/	Trust: 0.1
url:	http://secunia.com/product/13820/	Trust: 0.1
url:	http://secunia.com/product/13821/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/5794/	Trust: 0.1
url:	http://secunia.com/product/13819/	Trust: 0.1

sources: BID: 24905 // JVNDB: JVNDB-2007-000701 // PACKETSTORM: 57727 // CNNVD: CNNVD-200707-260 // NVD: CVE-2007-3794

CREDITS

The vendor disclosed this issue.

Trust: 0.9

sources: BID: 24905 // CNNVD: CNNVD-200707-260

SOURCES

db:	BID	id:	24905
db:	JVNDB	id:	JVNDB-2007-000701
db:	PACKETSTORM	id:	57727
db:	CNNVD	id:	CNNVD-200707-260
db:	NVD	id:	CVE-2007-3794

LAST UPDATE DATE

2024-08-14T12:44:11.867000+00:00

SOURCES UPDATE DATE

db:	BID	id:	24905	date:	2015-05-07T17:37:00
db:	JVNDB	id:	JVNDB-2007-000701	date:	2008-05-21T00:00:00
db:	CNNVD	id:	CNNVD-200707-260	date:	2007-07-18T00:00:00
db:	NVD	id:	CVE-2007-3794	date:	2011-03-08T02:57:07.533

SOURCES RELEASE DATE

db:	BID	id:	24905	date:	2007-07-13T00:00:00
db:	JVNDB	id:	JVNDB-2007-000701	date:	2008-05-21T00:00:00
db:	PACKETSTORM	id:	57727	date:	2007-07-13T21:43:57
db:	CNNVD	id:	CNNVD-200707-260	date:	2007-07-15T00:00:00
db:	NVD	id:	CVE-2007-3794	date:	2007-07-15T23:30:00