[Japanese]

JVNDB-2009-001968

GIF File Processing Denial of Service Vulnerability in Multiple JP1 Products

Overview

A vulnerability exists in multiple JP1 products that could allow an attacker to cause denial of service (DoS) condition due to error in processing GIF files.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Hitachi, Ltd
  • Job Management Partner 1/Automatic Job Management System 2 - View
  • Job Management Partner 1/Integrated Management - View
  • Job Management Partner 1/Integrated Manager - Console View
  • Job Management Partner 1/Integrated Manager - View
  • Job Management Partner 1/Performance Management/SNMP System Observer
  • Job Management Partner 1/SNMP System Observer
  • JP1/Automatic Job Management System 2 - View
  • JP1/Cm2/SNMP System Observer
  • JP1/Integrated Management - View
  • JP1/Integrated Manager - View
  • JP1/Integrated Manager - Console View
  • JP1/Performance Management/SNMP System Observer
  • JP1/Server System Observer

Impact

A remote attacker could cause a denial of service (DoS) condition.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS09-016
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2009-4777
References

  1. National Vulnerability Database (NVD) : CVE-2009-4777
  2. Secunia Advisory : SA36646
  3. SecurityFocus : 36311
  4. ISS X-Force Database : 53115
  5. VUPEN Security : VUPEN/ADV-2009-2576
  6. OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 57832
Revision History

  • [2009/09/14]
      Web page published

Date Public2009/07/31
Date First Published2009/09/14
Date Last Updated2009/09/14