JVNDB-2009-001544

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.

Hitachi, Ltd

• Cosminexus Application Server Version 5
• Cosminexus Application Server Standard Version 6
• Cosminexus Application Server Enterprise Version 6
• Cosminexus Client Version 6
• Cosminexus Developer Version 5
• Cosminexus Developer Standard Version 6
• Cosminexus Developer Professional Version 6
• Cosminexus Developer Light Version 6
• Cosminexus Server - Web Edition Version 4
• Cosminexus Server - Standard Edition Version 4
• Cosminexus Studio Version 5
• Cosminexus Studio - Web Edition Version 4
• Cosminexus Studio - Standard Edition Version 4
• Cosminexus/OpenTP1 Web Front-end Set
• Groupmax Collaboration - Server
• Hitachi Developer's Kit for Java
• Processing Kit for XML
• uCosminexus Application Server Enterprise
• uCosminexus Application Server Standard
• uCosminexus Client
• uCosminexus Collaboration - Server
• uCosminexus Developer Standard
• uCosminexus Developer Professional
• uCosminexus Developer Light
• uCosminexus Operator
• uCosminexus Service Platform
• uCosminexus Service Architect
• uCosminexus/OpenTP1 Web Front-end Set
• Electronic Form Workflow Set
• Electronic Form Workflow Professional Set
• Electronic Form Workflow Professional Library Set
• Electronic Form Workflow Developer Set
• Electronic Form Workflow Developer Client Set
• Electronic Form Workflow Standard Set

Unauthorized access may be done exploiting a deficiency in encoding
processing.

Please refer to the 'Vendor Information' section for the official
countermeasure and take appropriate action.

Hitachi, Ltd

• Hitachi Software Vulnerability Information : HS09-007

1. No Mapping(CWE-noinfo) [IPA Evaluation]

• [2009/07/07]
    Web page published