Vulnerabilities > Hitachi > Ucosminexus Application Server Standard > 07.10

DATE	CVE	VULNERABILITY TITLE	RISK
2007-09-08	CVE-2007-4760	Cross-Site Scripting vulnerability in Hitachi products The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network hitachi CWE-79	4.3
2007-09-08	CVE-2007-4759	Buffer Errors vulnerability in Hitachi products Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors. network low complexity hitachi CWE-119	5.0
2007-09-08	CVE-2007-4758	Buffer Errors vulnerability in Hitachi products Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors. network low complexity hitachi CWE-119 critical	10.0
2007-08-28	CVE-2007-4564	Permissions, Privileges, and Access Controls vulnerability in Hitachi products Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges. local low complexity hitachi CWE-264	4.6
2007-08-28	CVE-2007-4563	Permissions, Privileges, and Access Controls vulnerability in Hitachi products Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges. local hitachi CWE-264	4.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.