CVE-2007-3794

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.

Published: 2007-07-15 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2007-3794 is rated High Risk (69.7/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 2.19%). EPSS rose +1.73% over the last day, indicating growing attacker interest. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2007-3794

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.46% 2.19% +1.73%
2 2025-11-20 0.45% 0.46% +0.01%
3 2025-10-28 0.45%

Full EPSS history (12 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2007-3794

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2007-3794

Affected software / configurations for CVE-2007-3794

Vendor Product Version Raw CPE
hitachi cosminexus_application_server 05_00_05_00_h cpe:2.3:a:hitachi:cosminexus_application_server:05_00_05_00_h:*:*:*:*:*:*:*
hitachi cosminexus_application_server 05_01_05_01_k cpe:2.3:a:hitachi:cosminexus_application_server:05_01_05_01_k:*:*:*:*:*:*:*
hitachi cosminexus_application_server 05_05_05_00_o cpe:2.3:a:hitachi:cosminexus_application_server:05_05_05_00_o:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_g cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_g:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_g cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_g:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_application_server:06_02_06_02_f:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_application_server:06_02_06_02_f:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_50_06_50_e cpe:2.3:a:hitachi:cosminexus_application_server:06_50_06_50_e:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_50_06_50_e cpe:2.3:a:hitachi:cosminexus_application_server:06_50_06_50_e:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_51_06_51_g cpe:2.3:a:hitachi:cosminexus_application_server:06_51_06_51_g:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_51_06_51_g cpe:2.3:a:hitachi:cosminexus_application_server:06_51_06_51_g:*:standard:*:*:*:*:*
hitachi cosminexus_client 06_00_06_00_g cpe:2.3:a:hitachi:cosminexus_client:06_00_06_00_g:*:*:*:*:*:*:*
hitachi cosminexus_client 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_client:06_02_06_02_f:*:*:*:*:*:*:*
hitachi cosminexus_client 06_50_06_50_e cpe:2.3:a:hitachi:cosminexus_client:06_50_06_50_e:*:*:*:*:*:*:*
hitachi cosminexus_client 06_51_06_51_g cpe:2.3:a:hitachi:cosminexus_client:06_51_06_51_g:*:*:*:*:*:*:*
hitachi cosminexus_developer 05_00_05_00_h cpe:2.3:a:hitachi:cosminexus_developer:05_00_05_00_h:*:*:*:*:*:*:*
hitachi cosminexus_developer 05_01_05_01_k cpe:2.3:a:hitachi:cosminexus_developer:05_01_05_01_k:*:*:*:*:*:*:*
hitachi cosminexus_developer 05_05_05_05_o cpe:2.3:a:hitachi:cosminexus_developer:05_05_05_05_o:*:*:*:*:*:*:*
hitachi cosminexus_developer 06_00_06_00_g cpe:2.3:a:hitachi:cosminexus_developer:06_00_06_00_g:*:light:*:*:*:*:*
hitachi cosminexus_developer 06_00_06_00_g cpe:2.3:a:hitachi:cosminexus_developer:06_00_06_00_g:*:professional:*:*:*:*:*
hitachi cosminexus_developer 06_00_06_00_g cpe:2.3:a:hitachi:cosminexus_developer:06_00_06_00_g:*:standard:*:*:*:*:*
hitachi cosminexus_developer 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_developer:06_02_06_02_f:*:light:*:*:*:*:*
hitachi cosminexus_developer 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_developer:06_02_06_02_f:*:professional:*:*:*:*:*
hitachi cosminexus_developer 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_developer:06_02_06_02_f:*:standard:*:*:*:*:*
hitachi cosminexus_developer 06_50_06_50_e cpe:2.3:a:hitachi:cosminexus_developer:06_50_06_50_e:*:light:*:*:*:*:*
hitachi cosminexus_developer 06_50_06_50_e cpe:2.3:a:hitachi:cosminexus_developer:06_50_06_50_e:*:professional:*:*:*:*:*
hitachi cosminexus_developer 06_50_06_50_e cpe:2.3:a:hitachi:cosminexus_developer:06_50_06_50_e:*:standard:*:*:*:*:*
hitachi cosminexus_developer 06_51_06_51_g cpe:2.3:a:hitachi:cosminexus_developer:06_51_06_51_g:*:light:*:*:*:*:*
hitachi cosminexus_developer 06_51_06_51_g cpe:2.3:a:hitachi:cosminexus_developer:06_51_06_51_g:*:professional:*:*:*:*:*
hitachi cosminexus_developer 06_51_06_51_g cpe:2.3:a:hitachi:cosminexus_developer:06_51_06_51_g:*:standard:*:*:*:*:*
hitachi cosminexus_server 04_00_04_00_a cpe:2.3:a:hitachi:cosminexus_server:04_00_04_00_a:*:standard:*:*:*:*:*
hitachi cosminexus_server 04_00_04_00_a cpe:2.3:a:hitachi:cosminexus_server:04_00_04_00_a:*:web:*:*:*:*:*
hitachi cosminexus_server 04_01_04_01_a cpe:2.3:a:hitachi:cosminexus_server:04_01_04_01_a:*:standard:*:*:*:*:*
hitachi cosminexus_server 04_01_04_01_a cpe:2.3:a:hitachi:cosminexus_server:04_01_04_01_a:*:web:*:*:*:*:*
hitachi cosminexus_studio 04_00_04_00_a cpe:2.3:a:hitachi:cosminexus_studio:04_00_04_00_a:*:standard:*:*:*:*:*
hitachi cosminexus_studio 04_00_04_00_a cpe:2.3:a:hitachi:cosminexus_studio:04_00_04_00_a:*:web:*:*:*:*:*
hitachi cosminexus_studio 04_01_04_01_a cpe:2.3:a:hitachi:cosminexus_studio:04_01_04_01_a:*:standard:*:*:*:*:*
hitachi cosminexus_studio 04_01_04_01_a cpe:2.3:a:hitachi:cosminexus_studio:04_01_04_01_a:*:web:*:*:*:*:*
hitachi cosminexus_studio 05_05_05_05_o cpe:2.3:a:hitachi:cosminexus_studio:05_05_05_05_o:*:*:*:*:*:*:*
hitachi ucosminexus_application_server 06_70_06_70_a cpe:2.3:a:hitachi:ucosminexus_application_server:06_70_06_70_a:*:enterprise:*:*:*:*:*
hitachi ucosminexus_application_server 06_70_06_70_a cpe:2.3:a:hitachi:ucosminexus_application_server:06_70_06_70_a:*:standard:*:*:*:*:*
hitachi ucosminexus_application_server 06_70_06_70_b cpe:2.3:a:hitachi:ucosminexus_application_server:06_70_06_70_b:*:enterprise:*:*:*:*:*
hitachi ucosminexus_application_server 06_70_06_70_b cpe:2.3:a:hitachi:ucosminexus_application_server:06_70_06_70_b:*:standard:*:*:*:*:*
hitachi ucosminexus_application_server 06_71_06_71_b cpe:2.3:a:hitachi:ucosminexus_application_server:06_71_06_71_b:*:enterprise:*:*:*:*:*
hitachi ucosminexus_application_server 06_71_06_71_b cpe:2.3:a:hitachi:ucosminexus_application_server:06_71_06_71_b:*:standard:*:*:*:*:*
hitachi ucosminexus_application_server 07_00_07_20 cpe:2.3:a:hitachi:ucosminexus_application_server:07_00_07_20:*:enterprise:*:*:*:*:*
hitachi ucosminexus_application_server 07_00_07_20 cpe:2.3:a:hitachi:ucosminexus_application_server:07_00_07_20:*:standard:*:*:*:*:*
hitachi ucosminexus_client 06_70_06_70_b cpe:2.3:a:hitachi:ucosminexus_client:06_70_06_70_b:*:*:*:*:*:*:*
hitachi ucosminexus_client 06_71_06_71_b cpe:2.3:a:hitachi:ucosminexus_client:06_71_06_71_b:*:*:*:*:*:*:*
hitachi ucosminexus_client 07_00_07_20 cpe:2.3:a:hitachi:ucosminexus_client:07_00_07_20:*:*:*:*:*:*:*
hitachi ucosminexus_developer 06_70_06_70_b cpe:2.3:a:hitachi:ucosminexus_developer:06_70_06_70_b:*:light:*:*:*:*:*
hitachi ucosminexus_developer 06_70_06_70_b cpe:2.3:a:hitachi:ucosminexus_developer:06_70_06_70_b:*:professional:*:*:*:*:*
hitachi ucosminexus_developer 06_70_06_70_b cpe:2.3:a:hitachi:ucosminexus_developer:06_70_06_70_b:*:standard:*:*:*:*:*
hitachi ucosminexus_developer 06_71_06_71_b cpe:2.3:a:hitachi:ucosminexus_developer:06_71_06_71_b:*:light:*:*:*:*:*
hitachi ucosminexus_developer 06_71_06_71_b cpe:2.3:a:hitachi:ucosminexus_developer:06_71_06_71_b:*:professional:*:*:*:*:*
hitachi ucosminexus_developer 06_71_06_71_b cpe:2.3:a:hitachi:ucosminexus_developer:06_71_06_71_b:*:standard:*:*:*:*:*
hitachi ucosminexus_operator 07_00_07_20 cpe:2.3:a:hitachi:ucosminexus_operator:07_00_07_20:*:*:*:*:*:*:*
hitachi ucosminexus_service_architect 07_00_07_20 cpe:2.3:a:hitachi:ucosminexus_service_architect:07_00_07_20:*:*:*:*:*:*:*
hitachi ucosminexus_service_platform 07_00_07_20 cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_07_20:*:*:*:*:*:*:*
hitachi cosminexus_application_server 05_05_05_05_h cpe:2.3:a:hitachi:cosminexus_application_server:05_05_05_05_h:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_b cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_b:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_b cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_b:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_d cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_d:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_02_06_02_f cpe:2.3:a:hitachi:cosminexus_application_server:06_02_06_02_f:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_50_06_50_b cpe:2.3:a:hitachi:cosminexus_application_server:06_50_06_50_b:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_50_06_50_b cpe:2.3:a:hitachi:cosminexus_application_server:06_50_06_50_b:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_50_06_50_c cpe:2.3:a:hitachi:cosminexus_application_server:06_50_06_50_c:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_51_06_51_b cpe:2.3:a:hitachi:cosminexus_application_server:06_51_06_51_b:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_51_06_51_b cpe:2.3:a:hitachi:cosminexus_application_server:06_51_06_51_b:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_51_06_51_b cpe:2.3:a:hitachi:cosminexus_application_server:06_51_06_51_b:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_51_06_51_c cpe:2.3:a:hitachi:cosminexus_application_server:06_51_06_51_c:*:*:*:*:*:*:*
hitachi ucosminexus_application_server 07_00_07_10 cpe:2.3:a:hitachi:ucosminexus_application_server:07_00_07_10:*:enterprise:*:*:*:*:*
hitachi ucosminexus_application_server 07_00_07_10 cpe:2.3:a:hitachi:ucosminexus_application_server:07_00_07_10:*:standard:*:*:*:*:*
hitachi ucosminexus_service_platform 07_00_07_10 cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_07_10:*:*:*:*:*:*:*
hitachi cosminexus_application_server 05_02_05_02_e cpe:2.3:a:hitachi:cosminexus_application_server:05_02_05_02_e:*:*:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_d cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_d:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_d cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_d:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_e cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_e:*:enterprise:*:*:*:*:*
hitachi cosminexus_application_server 06_00_06_00_e cpe:2.3:a:hitachi:cosminexus_application_server:06_00_06_00_e:*:standard:*:*:*:*:*
hitachi cosminexus_application_server 06_50_06_50_d cpe:2.3:a:hitachi:cosminexus_application_server:06_50_06_50_d:*:enterprise:*:*:*:*:*

References for CVE-2007-3794

cvelogic Threat Intelligence