Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-3794

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.

Security Impact Summary

CVE-2007-3794 is a security vulnerability that . Impacting 16 products from microsoft, from hitachi, from hitachi and 13 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Originally identified in 2007, this vulnerability predates many modern security frameworks and practices. The vulnerability landscape of that era was characterized by different threat models and less mature defense mechanisms compared to contemporary standards.

Published

2007-07-15T23:30:00.000

Last Modified

2026-04-23T00:35:47.467

Status

Modified

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	microsoft	windows	*	No
Application	hitachi	cosminexus_application_server	05_00_05_00_h	Yes
Application	hitachi	cosminexus_application_server	05_01_05_01_k	Yes
Application	hitachi	cosminexus_application_server	05_05_05_00_o	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_g	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_g	Yes
Application	hitachi	cosminexus_application_server	06_02_06_02_f	Yes
Application	hitachi	cosminexus_application_server	06_02_06_02_f	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_e	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_e	Yes
Application	hitachi	cosminexus_application_server	06_51_06_51_g	Yes
Application	hitachi	cosminexus_application_server	06_51_06_51_g	Yes
Application	hitachi	cosminexus_client	06_00_06_00_g	Yes
Application	hitachi	cosminexus_client	06_02_06_02_f	Yes
Application	hitachi	cosminexus_client	06_50_06_50_e	Yes
Application	hitachi	cosminexus_client	06_51_06_51_g	Yes
Application	hitachi	cosminexus_developer	05_00_05_00_h	Yes
Application	hitachi	cosminexus_developer	05_01_05_01_k	Yes
Application	hitachi	cosminexus_developer	05_05_05_05_o	Yes
Application	hitachi	cosminexus_developer	06_00_06_00_g	Yes
Application	hitachi	cosminexus_developer	06_00_06_00_g	Yes
Application	hitachi	cosminexus_developer	06_00_06_00_g	Yes
Application	hitachi	cosminexus_developer	06_02_06_02_f	Yes
Application	hitachi	cosminexus_developer	06_02_06_02_f	Yes
Application	hitachi	cosminexus_developer	06_02_06_02_f	Yes
Application	hitachi	cosminexus_developer	06_50_06_50_e	Yes
Application	hitachi	cosminexus_developer	06_50_06_50_e	Yes
Application	hitachi	cosminexus_developer	06_50_06_50_e	Yes
Application	hitachi	cosminexus_developer	06_51_06_51_g	Yes
Application	hitachi	cosminexus_developer	06_51_06_51_g	Yes
Application	hitachi	cosminexus_developer	06_51_06_51_g	Yes
Application	hitachi	cosminexus_server	04_00_04_00_a	Yes
Application	hitachi	cosminexus_server	04_00_04_00_a	Yes
Application	hitachi	cosminexus_server	04_01_04_01_a	Yes
Application	hitachi	cosminexus_server	04_01_04_01_a	Yes
Application	hitachi	cosminexus_studio	04_00_04_00_a	Yes
Application	hitachi	cosminexus_studio	04_00_04_00_a	Yes
Application	hitachi	cosminexus_studio	04_01_04_01_a	Yes
Application	hitachi	cosminexus_studio	04_01_04_01_a	Yes
Application	hitachi	cosminexus_studio	05_05_05_05_o	Yes
Operating System	microsoft	windows	*	No
Application	hitachi	ucosminexus_application_server	06_70_06_70_a	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_a	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_application_server	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_application_server	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_20	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_20	Yes
Application	hitachi	ucosminexus_client	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_client	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_client	07_00_07_20	Yes
Application	hitachi	ucosminexus_developer	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_developer	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_developer	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_developer	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_developer	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_developer	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_operator	07_00_07_20	Yes
Application	hitachi	ucosminexus_service_architect	07_00_07_20	Yes
Application	hitachi	ucosminexus_service_platform	07_00_07_20	Yes
Operating System	linux	linux_kernel	*	No
Application	hitachi	cosminexus_application_server	05_05_05_05_h	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_b	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_b	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_d	Yes
Application	hitachi	cosminexus_application_server	06_02_06_02_f	Yes
Application	hitachi	cosminexus_application_server	06_02_06_02_f	Yes
Application	hitachi	cosminexus_application_server	06_02_06_02_f	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_b	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_b	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_c	Yes
Application	hitachi	cosminexus_application_server	06_51_06_51_b	Yes
Application	hitachi	cosminexus_application_server	06_51_06_51_b	Yes
Application	hitachi	cosminexus_application_server	06_51_06_51_b	Yes
Application	hitachi	cosminexus_application_server	06_51_06_51_c	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_application_server	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_application_server	06_71_06_71_b	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_10	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_10	Yes
Application	hitachi	ucosminexus_service_platform	07_00_07_10	Yes
Operating System	hp	hp-ux	*	No
Application	hitachi	cosminexus_application_server	05_02_05_02_e	Yes
Application	hitachi	cosminexus_application_server	05_05_05_05_h	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_d	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_d	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_e	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_e	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_d	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_d	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_e	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_e	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_b	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_h	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_h	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_72	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_72	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_10	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_10	Yes
Application	hitachi	ucosminexus_application_server	07_10	Yes
Application	hitachi	ucosminexus_application_server	07_10	Yes
Operating System	ibm	aix	*	No
Application	hitachi	cosminexus_application_server	05_00_05_00_r	Yes
Application	hitachi	cosminexus_application_server	05_05_05_05_l	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_g	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_g	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_f	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_f	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_d	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_d	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_10	Yes
Application	hitachi	ucosminexus_application_server	07_00_07_10	Yes
Application	hitachi	ucosminexus_service_platform	07_10	Yes
Operating System	sun	solaris	*	No
Application	hitachi	cosminexus_application_server	06_00_06_00_a	Yes
Application	hitachi	cosminexus_application_server	06_00_06_00_a	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_c	Yes
Application	hitachi	cosminexus_application_server	06_50_06_50_c	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_c	Yes
Application	hitachi	ucosminexus_application_server	06_70_06_70_c	Yes
Application	hitachi	ucosminexus_application_server	07_00	Yes
Application	hitachi	ucosminexus_application_server	07_00	Yes

References

http://osvdb.org/37851 ([email protected])
http://secunia.com/advisories/26025 Vendor Advisory ([email protected])
http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html ([email protected])
http://www.securityfocus.com/bid/24905 ([email protected])
http://www.vupen.com/english/advisories/2007/2534 ([email protected])
http://osvdb.org/37851 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26025 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/24905 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/2534 (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For microsoft's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.