CVE-2009-4776

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.3CRITICAL

EPSS

1.3%

top 19.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hitachi Cosminexus\/opentp1 WEB WEB Front-endset Hitachi Cosminexus Application Server Hitachi Cosminexus Client +21 more

Timeline

PublishedApr 21

Latest updateMay 2

Description

Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors related to the use of GIF image processing APIs by a Java application, and a different issue from CVE-2007-3794.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages24 packages

▶NVDhitachi/electronic_form_workflow-developer_set4 versions+3

▶NVDhitachi/electronic_form_workflow-developer_client_set10 versions+9

▶NVDhitachi/ucosminexus_developer11 versions+10

▶NVDhitachi/electronic_form_workflow_set4 versions+3

▶NVDhitachi/ucosminexus_service_platform7 versions+6

🔴Vulnerability Details

GHSA

GHSA-8fh2-gm95-pm7q: Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, El↗2022-05-02

▶

CVEList

CVE-2009-4776: Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, El↗2010-04-21

▶

External resources

NVD MITRE

Affected products24

Hitachi Cosminexus Application Serverv05-00v05-00-\/iv05-00-\/s+29 more

Hitachi Cosminexus Clientv06-00v06-00-\/iv06-02+5 more

Hitachi Cosminexus Developerv05-00v05-00-\/iv05-01+13 more

Hitachi Cosminexus Serverv04-00v04-00-\/av04-01+1 more

Hitachi Cosminexus Studiov04-00v04-00-\/av04-01+7 more

Hitachi Cosminexus\/opentp1 WEB WEB Front-endsetv01-00v01-00-\/bv01-01+5 more

Hitachi Electronic Form Workflow SETv07-50v07-50-\/dv07-60+1 more

Hitachi Electronic Form Workflow-developer Client SETv06-70v06-70-\/fv07-00+7 more

Hitachi Electronic Form Workflow-developer SETv07-50v07-50-\/dv07-60+1 more

Hitachi Electronic Form Workflow-professional Library SETv06-70v06-70-\/cv06-70-\/f+9 more

Disclosure

PublishedApr 21, 2010

Latest updateMay 2, 2022