CVE-2010-4476

Published: Feb 17, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

43295

third-party-advisory

x_refsource_SECUNIA

1025062

vdb-entry

x_refsource_SECTRACK

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

x_refsource_CONFIRM

43280

third-party-advisory

x_refsource_SECUNIA

RHSA-2011:0210

vendor-advisory

x_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

x_refsource_CONFIRM

GLSA-201406-32

vendor-advisory

x_refsource_GENTOO

oval:org.mitre.oval:def:14328

vdb-entry

signature

x_refsource_OVAL

HPSBMU02799

vendor-advisory

x_refsource_HP

FEDORA-2011-1231

vendor-advisory

x_refsource_FEDORA

FEDORA-2011-1263

vendor-advisory

x_refsource_FEDORA

SUSE-SU-2011:0823

vendor-advisory

x_refsource_SUSE

HPSBNS02633

vendor-advisory

x_refsource_HP

SSRT100387

vendor-advisory

x_refsource_HP

HPSBUX02860

vendor-advisory

x_refsource_HP

RHSA-2011:0214

vendor-advisory

x_refsource_REDHAT

PM31983

vendor-advisory

x_refsource_AIXAPAR

45555

third-party-advisory

x_refsource_SECUNIA

IZ94423

vendor-advisory

x_refsource_AIXAPAR

43400

third-party-advisory

x_refsource_SECUNIA

SSRT100412

vendor-advisory

x_refsource_HP

HPSBMA02642

vendor-advisory

x_refsource_HP

43378

third-party-advisory

x_refsource_SECUNIA

45022

third-party-advisory

x_refsource_SECUNIA

RHSA-2011:0333

vendor-advisory

x_refsource_REDHAT

ADV-2011-0422

vdb-entry

x_refsource_VUPEN

oval:org.mitre.oval:def:12662

vdb-entry

signature

x_refsource_OVAL

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

x_refsource_CONFIRM

HPSBMU02690

vendor-advisory

x_refsource_HP

ADV-2011-0434

vdb-entry

x_refsource_VUPEN

HPSBUX02633

vendor-advisory

x_refsource_HP

HPSBOV02762

vendor-advisory

x_refsource_HP

oval:org.mitre.oval:def:14589

vdb-entry

signature

x_refsource_OVAL

HPSBUX02641

vendor-advisory

x_refsource_HP

RHSA-2011:0213

vendor-advisory

x_refsource_REDHAT

SSRT100627

vendor-advisory

x_refsource_HP

http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/

x_refsource_MISC

ADV-2011-0377

vdb-entry

x_refsource_VUPEN

44954

third-party-advisory

x_refsource_SECUNIA

HPSBOV02634

vendor-advisory

x_refsource_HP

ADV-2011-0365

vdb-entry

x_refsource_VUPEN

SSRT100415

vendor-advisory

x_refsource_HP

http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html

x_refsource_CONFIRM

RHSA-2011:0880

vendor-advisory

x_refsource_REDHAT

oval:org.mitre.oval:def:12745

vdb-entry

signature

x_refsource_OVAL

RHSA-2011:0334

vendor-advisory

x_refsource_REDHAT

RHSA-2011:0282

vendor-advisory

x_refsource_REDHAT

http://www-01.ibm.com/support/docview.wss?uid=swg21468358

x_refsource_CONFIRM

43048

third-party-advisory

x_refsource_SECUNIA

DSA-2161

vendor-advisory

x_refsource_DEBIAN

SSRT100825

vendor-advisory

x_refsource_HP

ADV-2011-0379

vdb-entry

x_refsource_VUPEN

43304

third-party-advisory

x_refsource_SECUNIA

RHSA-2011:0211

vendor-advisory

x_refsource_REDHAT

SSRT100390

vendor-advisory

x_refsource_HP

SSRT100867

vendor-advisory

x_refsource_HP

49198

third-party-advisory

x_refsource_SECUNIA

43659

third-party-advisory

x_refsource_SECUNIA

http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg24029498

x_refsource_CONFIRM

HPSBUX02725

vendor-advisory

x_refsource_HP

SUSE-SA:2011:024

vendor-advisory

x_refsource_SUSE

HPSBUX02777

vendor-advisory

x_refsource_HP

oval:org.mitre.oval:def:19493

vdb-entry

signature

x_refsource_OVAL

43333

third-party-advisory

x_refsource_SECUNIA

SSRT101146

vendor-advisory

x_refsource_HP

SSRT100569

vendor-advisory

x_refsource_HP

HPSBUX02645

vendor-advisory

x_refsource_HP

RHSA-2011:0212

vendor-advisory

x_refsource_REDHAT

HPSBUX02642

vendor-advisory

x_refsource_HP

SSRT100854

vendor-advisory

x_refsource_HP

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html

x_refsource_CONFIRM

ADV-2011-0605

vdb-entry

x_refsource_VUPEN

http://blog.fortify.com/blog/2011/02/08/Double-Trouble

x_refsource_MISC

HPSBTU02684

vendor-advisory

x_refsource_HP

http://www.ibm.com/support/docview.wss?uid=swg24029497

x_refsource_CONFIRM

MDVSA-2011:054

vendor-advisory

x_refsource_MANDRIVA

HPSBMU02797

vendor-advisory

x_refsource_HP

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4476

Description

Affected Products

References