github - ghsa-gvgc-rxmh-5hvw

GHSA-GVGC-RXMH-5HVW

Vulnerability from github – Published: 2022-05-14 02:16 – Updated: 2024-02-27 21:57

Summary

Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment

Details

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

Apache Tomcat introduced workarounds to avoid being affected by this issue in versions 7.0.7, 6.0.32, and 5.5.33.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.0.32"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.5.0"
            },
            {
              "fixed": "5.5.33"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2010-4476"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-27T21:57:19Z",
    "nvd_published_at": "2011-02-17T19:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The `Double.parseDouble` method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.\n\nApache Tomcat introduced workarounds to avoid being affected by this issue in versions 7.0.7, 6.0.32, and 5.5.33.",
  "id": "GHSA-gvgc-rxmh-5hvw",
  "modified": "2024-02-27T21:57:20Z",
  "published": "2022-05-14T02:16:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4476"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/407841c426dc52a4c6b8ccd297df6c484a540056"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/69ef147c4498397e8f644a0699cf588b45a05120"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/b0c1eeaa0d303bcb42651b222037e079d0634c01"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
    },
    {
      "type": "WEB",
      "url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1066244"
    },
    {
      "type": "WEB",
      "url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1066315"
    },
    {
      "type": "WEB",
      "url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1066318"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-5.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-6.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-7.html"
    },
    {
      "type": "WEB",
      "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
    },
    {
      "type": "WEB",
      "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "type": "WEB",
      "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2161"
    },
    {
      "type": "WEB",
      "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308"
    },
    {
      "type": "WEB",
      "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
    },
    {
      "type": "WEB",
      "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment"
}

CVE-2010-4476 (GCVE-0-2010-4476)

Vulnerability from cvelistv5 – Published: 2011-02-17 18:31 – Updated: 2024-08-07 03:43

Summary

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

Severity ?

No CVSS data available.

CWE

Assigner

oracle

References

URL

Tags

	http://secunia.com/advisories/43295	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1025062	vdb-entryx_refsource_SECTRACK
	http://www.hitachi.co.jp/Prod/comp/soft1/global/s…	x_refsource_CONFIRM
	http://secunia.com/advisories/43280	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-02…	vendor-advisoryx_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://marc.info/?l=bugtraq&m=134254866602253&w=2	vendor-advisoryx_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www13.itrc.hp.com/service/cki/docDisplay.d…	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=129899347607632&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisoryx_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-02…	vendor-advisoryx_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/45555	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/43400	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=129960314701922&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=130514352726432&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/43378	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45022	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-03…	vendor-advisoryx_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0422	vdb-entryx_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=131041767210772&w=2	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2011/0434	vdb-entryx_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=129899347607632&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisoryx_refsource_HP
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://marc.info/?l=bugtraq&m=129960314701922&w=2	vendor-advisoryx_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-02…	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=132215163318824&w=2	vendor-advisoryx_refsource_HP
	http://www.exploringbinary.com/java-hangs-when-co…	x_refsource_MISC
	http://www.vupen.com/english/advisories/2011/0377	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/44954	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=130497132406206&w=2	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2011/0365	vdb-entryx_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=130514352726432&w=2	vendor-advisoryx_refsource_HP
	http://blogs.oracle.com/security/2011/02/security…	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2011-08…	vendor-advisoryx_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2011-03…	vendor-advisoryx_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2011-02…	vendor-advisoryx_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://secunia.com/advisories/43048	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2011/dsa-2161	vendor-advisoryx_refsource_DEBIAN
	http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2011/0379	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/43304	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-02…	vendor-advisoryx_refsource_REDHAT
	http://www13.itrc.hp.com/service/cki/docDisplay.d…	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/49198	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/43659	third-party-advisoryx_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg24029498	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=132215163318824&w=2	vendor-advisoryx_refsource_HP
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://marc.info/?l=bugtraq&m=133728004526190&w=2	vendor-advisoryx_refsource_HP
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/43333	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=131041767210772&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=130168502603566&w=2	vendor-advisoryx_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-02…	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=130270785502599&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=133728004526190&w=2	vendor-advisoryx_refsource_HP
	http://support.novell.com/docs/Readmes/InfoDocume…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0605	vdb-entryx_refsource_VUPEN
	http://blog.fortify.com/blog/2011/02/08/Double-Trouble	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=130497185606818&w=2	vendor-advisoryx_refsource_HP
	http://www.ibm.com/support/docview.wss?uid=swg24029497	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisoryx_refsource_HP

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:43:14.943Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43295",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43295"
          },
          {
            "name": "1025062",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
          },
          {
            "name": "43280",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43280"
          },
          {
            "name": "RHSA-2011:0210",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:14328",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
          },
          {
            "name": "HPSBMU02799",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "name": "FEDORA-2011-1231",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
          },
          {
            "name": "FEDORA-2011-1263",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
          },
          {
            "name": "SUSE-SU-2011:0823",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
          },
          {
            "name": "HPSBNS02633",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
          },
          {
            "name": "SSRT100387",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
          },
          {
            "name": "HPSBUX02860",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
          },
          {
            "name": "RHSA-2011:0214",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
          },
          {
            "name": "PM31983",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
          },
          {
            "name": "45555",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45555"
          },
          {
            "name": "IZ94423",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
          },
          {
            "name": "43400",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43400"
          },
          {
            "name": "SSRT100412",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
          },
          {
            "name": "HPSBMA02642",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
          },
          {
            "name": "43378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43378"
          },
          {
            "name": "45022",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45022"
          },
          {
            "name": "RHSA-2011:0333",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
          },
          {
            "name": "ADV-2011-0422",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0422"
          },
          {
            "name": "oval:org.mitre.oval:def:12662",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
          },
          {
            "name": "HPSBMU02690",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
          },
          {
            "name": "ADV-2011-0434",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0434"
          },
          {
            "name": "HPSBUX02633",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
          },
          {
            "name": "HPSBOV02762",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:14589",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
          },
          {
            "name": "HPSBUX02641",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
          },
          {
            "name": "RHSA-2011:0213",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
          },
          {
            "name": "SSRT100627",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/"
          },
          {
            "name": "ADV-2011-0377",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0377"
          },
          {
            "name": "44954",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44954"
          },
          {
            "name": "HPSBOV02634",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
          },
          {
            "name": "ADV-2011-0365",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0365"
          },
          {
            "name": "SSRT100415",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
          },
          {
            "name": "RHSA-2011:0880",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
          },
          {
            "name": "oval:org.mitre.oval:def:12745",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
          },
          {
            "name": "RHSA-2011:0334",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
          },
          {
            "name": "RHSA-2011:0282",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
          },
          {
            "name": "43048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43048"
          },
          {
            "name": "DSA-2161",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2161"
          },
          {
            "name": "SSRT100825",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
          },
          {
            "name": "ADV-2011-0379",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0379"
          },
          {
            "name": "43304",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43304"
          },
          {
            "name": "RHSA-2011:0211",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
          },
          {
            "name": "SSRT100390",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
          },
          {
            "name": "SSRT100867",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "49198",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49198"
          },
          {
            "name": "43659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43659"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
          },
          {
            "name": "HPSBUX02725",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
          },
          {
            "name": "SUSE-SA:2011:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
          },
          {
            "name": "HPSBUX02777",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:19493",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
          },
          {
            "name": "43333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43333"
          },
          {
            "name": "SSRT101146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
          },
          {
            "name": "SSRT100569",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
          },
          {
            "name": "HPSBUX02645",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
          },
          {
            "name": "RHSA-2011:0212",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
          },
          {
            "name": "HPSBUX02642",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
          },
          {
            "name": "SSRT100854",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
          },
          {
            "name": "ADV-2011-0605",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0605"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
          },
          {
            "name": "HPSBTU02684",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
          },
          {
            "name": "MDVSA-2011:054",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
          },
          {
            "name": "HPSBMU02797",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-21T18:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "43295",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43295"
        },
        {
          "name": "1025062",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
        },
        {
          "name": "43280",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43280"
        },
        {
          "name": "RHSA-2011:0210",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:14328",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
        },
        {
          "name": "HPSBMU02799",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
        },
        {
          "name": "FEDORA-2011-1231",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
        },
        {
          "name": "FEDORA-2011-1263",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
        },
        {
          "name": "SUSE-SU-2011:0823",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
        },
        {
          "name": "HPSBNS02633",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
        },
        {
          "name": "SSRT100387",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
        },
        {
          "name": "HPSBUX02860",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
        },
        {
          "name": "RHSA-2011:0214",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
        },
        {
          "name": "PM31983",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
        },
        {
          "name": "45555",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45555"
        },
        {
          "name": "IZ94423",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
        },
        {
          "name": "43400",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43400"
        },
        {
          "name": "SSRT100412",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
        },
        {
          "name": "HPSBMA02642",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
        },
        {
          "name": "43378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43378"
        },
        {
          "name": "45022",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45022"
        },
        {
          "name": "RHSA-2011:0333",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
        },
        {
          "name": "ADV-2011-0422",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0422"
        },
        {
          "name": "oval:org.mitre.oval:def:12662",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
        },
        {
          "name": "HPSBMU02690",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
        },
        {
          "name": "ADV-2011-0434",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0434"
        },
        {
          "name": "HPSBUX02633",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
        },
        {
          "name": "HPSBOV02762",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:14589",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
        },
        {
          "name": "HPSBUX02641",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
        },
        {
          "name": "RHSA-2011:0213",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
        },
        {
          "name": "SSRT100627",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/"
        },
        {
          "name": "ADV-2011-0377",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0377"
        },
        {
          "name": "44954",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44954"
        },
        {
          "name": "HPSBOV02634",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
        },
        {
          "name": "ADV-2011-0365",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0365"
        },
        {
          "name": "SSRT100415",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
        },
        {
          "name": "RHSA-2011:0880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
        },
        {
          "name": "oval:org.mitre.oval:def:12745",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
        },
        {
          "name": "RHSA-2011:0334",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
        },
        {
          "name": "RHSA-2011:0282",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
        },
        {
          "name": "43048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43048"
        },
        {
          "name": "DSA-2161",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2161"
        },
        {
          "name": "SSRT100825",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
        },
        {
          "name": "ADV-2011-0379",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0379"
        },
        {
          "name": "43304",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43304"
        },
        {
          "name": "RHSA-2011:0211",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
        },
        {
          "name": "SSRT100390",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
        },
        {
          "name": "SSRT100867",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "name": "49198",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49198"
        },
        {
          "name": "43659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43659"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
        },
        {
          "name": "HPSBUX02725",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
        },
        {
          "name": "SUSE-SA:2011:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
        },
        {
          "name": "HPSBUX02777",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:19493",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
        },
        {
          "name": "43333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43333"
        },
        {
          "name": "SSRT101146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
        },
        {
          "name": "SSRT100569",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
        },
        {
          "name": "HPSBUX02645",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
        },
        {
          "name": "RHSA-2011:0212",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
        },
        {
          "name": "HPSBUX02642",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
        },
        {
          "name": "SSRT100854",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
        },
        {
          "name": "ADV-2011-0605",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0605"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
        },
        {
          "name": "HPSBTU02684",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
        },
        {
          "name": "MDVSA-2011:054",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
        },
        {
          "name": "HPSBMU02797",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2010-4476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43295",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43295"
            },
            {
              "name": "1025062",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025062"
            },
            {
              "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html",
              "refsource": "CONFIRM",
              "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
            },
            {
              "name": "43280",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43280"
            },
            {
              "name": "RHSA-2011:0210",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:14328",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "FEDORA-2011-1231",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
            },
            {
              "name": "FEDORA-2011-1263",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
            },
            {
              "name": "SUSE-SU-2011:0823",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
            },
            {
              "name": "HPSBNS02633",
              "refsource": "HP",
              "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
            },
            {
              "name": "SSRT100387",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
            },
            {
              "name": "HPSBUX02860",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
            },
            {
              "name": "RHSA-2011:0214",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
            },
            {
              "name": "PM31983",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
            },
            {
              "name": "45555",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45555"
            },
            {
              "name": "IZ94423",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
            },
            {
              "name": "43400",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43400"
            },
            {
              "name": "SSRT100412",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
            },
            {
              "name": "HPSBMA02642",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
            },
            {
              "name": "43378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43378"
            },
            {
              "name": "45022",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45022"
            },
            {
              "name": "RHSA-2011:0333",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
            },
            {
              "name": "ADV-2011-0422",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0422"
            },
            {
              "name": "oval:org.mitre.oval:def:12662",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
            },
            {
              "name": "HPSBMU02690",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
            },
            {
              "name": "ADV-2011-0434",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0434"
            },
            {
              "name": "HPSBUX02633",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
            },
            {
              "name": "HPSBOV02762",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:14589",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
            },
            {
              "name": "HPSBUX02641",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
            },
            {
              "name": "RHSA-2011:0213",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
            },
            {
              "name": "SSRT100627",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
            },
            {
              "name": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/",
              "refsource": "MISC",
              "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/"
            },
            {
              "name": "ADV-2011-0377",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0377"
            },
            {
              "name": "44954",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44954"
            },
            {
              "name": "HPSBOV02634",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
            },
            {
              "name": "ADV-2011-0365",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0365"
            },
            {
              "name": "SSRT100415",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
            },
            {
              "name": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html",
              "refsource": "CONFIRM",
              "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
            },
            {
              "name": "RHSA-2011:0880",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
            },
            {
              "name": "oval:org.mitre.oval:def:12745",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
            },
            {
              "name": "RHSA-2011:0334",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
            },
            {
              "name": "RHSA-2011:0282",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
            },
            {
              "name": "43048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43048"
            },
            {
              "name": "DSA-2161",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2161"
            },
            {
              "name": "SSRT100825",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
            },
            {
              "name": "ADV-2011-0379",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0379"
            },
            {
              "name": "43304",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43304"
            },
            {
              "name": "RHSA-2011:0211",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
            },
            {
              "name": "SSRT100390",
              "refsource": "HP",
              "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
            },
            {
              "name": "SSRT100867",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "49198",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49198"
            },
            {
              "name": "43659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43659"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg24029498",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
            },
            {
              "name": "HPSBUX02725",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
            },
            {
              "name": "SUSE-SA:2011:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
            },
            {
              "name": "HPSBUX02777",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:19493",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
            },
            {
              "name": "43333",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43333"
            },
            {
              "name": "SSRT101146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
            },
            {
              "name": "SSRT100569",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
            },
            {
              "name": "HPSBUX02645",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
            },
            {
              "name": "RHSA-2011:0212",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
            },
            {
              "name": "HPSBUX02642",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
            },
            {
              "name": "SSRT100854",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
            },
            {
              "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
            },
            {
              "name": "ADV-2011-0605",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0605"
            },
            {
              "name": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble",
              "refsource": "MISC",
              "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
            },
            {
              "name": "HPSBTU02684",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg24029497",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
            },
            {
              "name": "MDVSA-2011:054",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
            },
            {
              "name": "HPSBMU02797",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2010-4476",
    "datePublished": "2011-02-17T18:31:00",
    "dateReserved": "2010-12-06T00:00:00",
    "dateUpdated": "2024-08-07T03:43:14.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-GVGC-RXMH-5HVW

CVE-2010-4476 (GCVE-0-2010-4476)

Tags

Sightings

Nomenclature