Strix
26.1K

CVE-2007-3794

UnknownEPSS 2.19%

Last modified

CVE-2007-3794 is a vulnerability of currently unknown severity. Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.. EPSS estimates a 2.19% chance of exploitation in the next 30 days.

Description

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.

Metrics

EPSS Probability
2.19%

80.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
HitachiCosminexus Application Server05_00_05_00_h
HitachiCosminexus Application Server05_01_05_01_k
HitachiCosminexus Application Server05_05_05_00_o
HitachiCosminexus Application Server06_00_06_00_g
HitachiCosminexus Application Server06_02_06_02_f
HitachiCosminexus Application Server06_50_06_50_e
HitachiCosminexus Application Server06_51_06_51_g
HitachiCosminexus Client06_00_06_00_g
HitachiCosminexus Client06_02_06_02_f
HitachiCosminexus Client06_50_06_50_e
HitachiCosminexus Client06_51_06_51_g
HitachiCosminexus Developer05_00_05_00_h
HitachiCosminexus Developer05_01_05_01_k
HitachiCosminexus Developer05_05_05_05_o
HitachiCosminexus Developer06_00_06_00_g
HitachiCosminexus Developer06_02_06_02_f
HitachiCosminexus Developer06_50_06_50_e
HitachiCosminexus Developer06_51_06_51_g
HitachiCosminexus Server04_00_04_00_a
HitachiCosminexus Server04_01_04_01_a
HitachiCosminexus Studio04_00_04_00_a
HitachiCosminexus Studio04_01_04_01_a
HitachiCosminexus Studio05_05_05_05_o
HitachiUcosminexus Application Server06_70_06_70_a
HitachiUcosminexus Application Server06_70_06_70_b
HitachiUcosminexus Application Server06_71_06_71_b
HitachiUcosminexus Application Server07_00_07_20
HitachiUcosminexus Client06_70_06_70_b
HitachiUcosminexus Client06_71_06_71_b
HitachiUcosminexus Client07_00_07_20
HitachiUcosminexus Developer06_70_06_70_b
HitachiUcosminexus Developer06_71_06_71_b
HitachiUcosminexus Operator07_00_07_20
HitachiUcosminexus Service Architect07_00_07_20
HitachiUcosminexus Service Platform07_00_07_20
HitachiCosminexus Application Server05_05_05_05_h
HitachiCosminexus Application Server06_00_06_00_b
HitachiCosminexus Application Server06_00_06_00_d
HitachiCosminexus Application Server06_50_06_50_b
HitachiCosminexus Application Server06_50_06_50_c
HitachiCosminexus Application Server06_51_06_51_b
HitachiCosminexus Application Server06_51_06_51_c
HitachiUcosminexus Application Server07_00_07_10
HitachiUcosminexus Service Platform07_00_07_10
HitachiCosminexus Application Server05_02_05_02_e
HitachiCosminexus Application Server06_00_06_00_e
HitachiCosminexus Application Server06_50_06_50_d
HitachiUcosminexus Application Server06_70_06_70_h
HitachiUcosminexus Application Server06_70_06_72
HitachiUcosminexus Application Server07_10

Showing 50 of 58 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-3794?
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.
How severe is CVE-2007-3794?
Severity scoring for CVE-2007-3794 is pending analysis. The EPSS model estimates a 2.19% probability of exploitation in the next 30 days.
How do I fix CVE-2007-3794?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-3794?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST