Buffer overflow in Hitachi Cosminexus_application_server

CVE-2009-4776

Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows rem…

Vulnerability class: Buffer Overflow

EPSS: 0.031 (85.9th percentile) — read the EPSS interpretation.

Affected products

Hitachi Cosminexus_application_server — versions 06-50-\/i, 06-51-\/b, 05-00
Hitachi Cosminexus_client — versions 06-00-\/i, 06-02, 06-51
Hitachi Cosminexus_developer — versions 06-00-\/i, 06-02, 06-51
Hitachi Cosminexus\/opentp1_web_web_front-endset — versions 01-01, 02-00, 02-50
Hitachi Cosminexus_server — versions 04-00-\/a, 04-00, 04-01-\/a
Hitachi Cosminexus_studio — versions 05-05, 05-01-\/l, 05-00
Hitachi Developer\'s_kit_for_java
Hitachi Electronic_form_workflow-developer_client_set — versions 07-11-\/c, 07-20-\/b, 06-70-\/f
Hitachi Electronic_form_workflow-developer_set — versions 07-60-\/i, 07-50-\/d, 07-60
Hitachi Electronic_form_workflow-professional_library_set — versions 07-11-\/c, 07-20-\/b, 06-70-\/f

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_VUPEN, Vendor Advisory)