Action not permitted
Modal body text goes here.
Modal Title
Modal Body
jvndb-2011-000020
Vulnerability from jvndb
Published
2011-03-10 16:38
Modified
2018-02-07 17:10
Summary
IBM Tivoli vulnerable to denial-of-service (DoS)
Details
IBM Tivoli contains a denial-of-service (DoS) vulnerability.
IBM Tivoli contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).
A wide range of products are affected. For more information, refer to the vendor's website.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000020.html", "dc:date": "2018-02-07T17:10+09:00", "dcterms:issued": "2011-03-10T16:38+09:00", "dcterms:modified": "2018-02-07T17:10+09:00", description: "IBM Tivoli contains a denial-of-service (DoS) vulnerability.\r\n\r\nIBM Tivoli contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).\r\n\r\nA wide range of products are affected. For more information, refer to the vendor's website.", link: "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000020.html", "sec:cpe": [ { "#text": "cpe:/a:hp:systems_insight_manager", "@product": "HP Systems Insight Manager", "@vendor": "Hewlett-Packard Development Company,L.P", "@version": "2.2", }, { "#text": "cpe:/a:sun:jdk", "@product": "JDK", "@vendor": "Sun Microsystems, Inc.", "@version": "2.2", }, { "#text": "cpe:/a:sun:jre", "@product": "JRE", "@vendor": "Sun Microsystems, Inc.", "@version": "2.2", }, { "#text": "cpe:/a:sun:sdk", "@product": "SDK", "@vendor": "Sun Microsystems, Inc.", "@version": "2.2", }, ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0", }, "sec:identifier": "JVNDB-2011-000020", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN81294135/index.html", "@id": "JVN#81294135", "@source": "JVN", }, { "#text": "https://jvn.jp/en/tr/JVNTR-2011-02/index.html", "@id": "JVNTR-2011-02", "@source": "JVNTR", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476", "@id": "CVE-2010-4476", "@source": "CVE", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4476", "@id": "CVE-2010-4476", "@source": "NVD", }, { "#text": "http://www.securitytracker.com/id?1025062", "@id": "1025062", "@source": "SECTRACK", }, { "#text": "http://secunia.com/advisories/43295", "@id": "SA43295", "@source": "SECUNIA-R", }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-189", "@title": "Numeric Errors(CWE-189)", }, ], title: "IBM Tivoli vulnerable to denial-of-service (DoS)", }
cve-2010-4476
Vulnerability from cvelistv5
Published
2011-02-17 18:31
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:43:14.943Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "43295", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43295", }, { name: "1025062", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1025062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", }, { name: "43280", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43280", }, { name: "RHSA-2011:0210", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0210.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", }, { name: "GLSA-201406-32", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { name: "oval:org.mitre.oval:def:14328", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328", }, { name: "HPSBMU02799", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { name: "FEDORA-2011-1231", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html", }, { name: "FEDORA-2011-1263", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html", }, { name: "SUSE-SU-2011:0823", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html", }, { name: "HPSBNS02633", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475", }, { name: "SSRT100387", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=129899347607632&w=2", }, { name: "HPSBUX02860", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "RHSA-2011:0214", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0214.html", }, { name: "PM31983", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983", }, { name: "45555", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/45555", }, { name: "IZ94423", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423", }, { name: "43400", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43400", }, { name: "SSRT100412", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=129960314701922&w=2", }, { name: "HPSBMA02642", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130514352726432&w=2", }, { name: "43378", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43378", }, { name: "45022", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/45022", }, { name: "RHSA-2011:0333", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0333.html", }, { name: "ADV-2011-0422", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0422", }, { name: "oval:org.mitre.oval:def:12662", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", }, { name: "HPSBMU02690", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=131041767210772&w=2", }, { name: "ADV-2011-0434", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0434", }, { name: "HPSBUX02633", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=129899347607632&w=2", }, { name: "HPSBOV02762", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "oval:org.mitre.oval:def:14589", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589", }, { name: "HPSBUX02641", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=129960314701922&w=2", }, { name: "RHSA-2011:0213", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0213.html", }, { name: "SSRT100627", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=132215163318824&w=2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/", }, { name: "ADV-2011-0377", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0377", }, { name: "44954", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/44954", }, { name: "HPSBOV02634", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497132406206&w=2", }, { name: "ADV-2011-0365", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0365", }, { name: "SSRT100415", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130514352726432&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html", }, { name: "RHSA-2011:0880", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0880.html", }, { name: "oval:org.mitre.oval:def:12745", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745", }, { name: "RHSA-2011:0334", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0334.html", }, { name: "RHSA-2011:0282", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0282.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21468358", }, { name: "43048", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43048", }, { name: "DSA-2161", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2011/dsa-2161", }, { name: "SSRT100825", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "ADV-2011-0379", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0379", }, { name: "43304", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43304", }, { name: "RHSA-2011:0211", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0211.html", }, { name: "SSRT100390", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475", }, { name: "SSRT100867", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { name: "49198", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49198", }, { name: "43659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43659", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24029498", }, { name: "HPSBUX02725", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=132215163318824&w=2", }, { name: "SUSE-SA:2011:024", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html", }, { name: "HPSBUX02777", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { name: "oval:org.mitre.oval:def:19493", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493", }, { name: "43333", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43333", }, { name: "SSRT101146", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "SSRT100569", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=131041767210772&w=2", }, { name: "HPSBUX02645", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130168502603566&w=2", }, { name: "RHSA-2011:0212", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0212.html", }, { name: "HPSBUX02642", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130270785502599&w=2", }, { name: "SSRT100854", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html", }, { name: "ADV-2011-0605", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0605", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.fortify.com/blog/2011/02/08/Double-Trouble", }, { name: "HPSBTU02684", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497185606818&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24029497", }, { name: "MDVSA-2011:054", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054", }, { name: "HPSBMU02797", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-02-15T00:00:00", descriptions: [ { lang: "en", value: "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-21T18:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "43295", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43295", }, { name: "1025062", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1025062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", }, { name: "43280", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43280", }, { name: "RHSA-2011:0210", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0210.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", }, { name: "GLSA-201406-32", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { name: "oval:org.mitre.oval:def:14328", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328", }, { name: "HPSBMU02799", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { name: "FEDORA-2011-1231", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html", }, { name: "FEDORA-2011-1263", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html", }, { name: "SUSE-SU-2011:0823", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html", }, { name: "HPSBNS02633", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475", }, { name: "SSRT100387", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=129899347607632&w=2", }, { name: "HPSBUX02860", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "RHSA-2011:0214", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0214.html", }, { name: "PM31983", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983", }, { name: "45555", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/45555", }, { name: "IZ94423", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423", }, { name: "43400", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43400", }, { name: "SSRT100412", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=129960314701922&w=2", }, { name: "HPSBMA02642", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130514352726432&w=2", }, { name: "43378", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43378", }, { name: "45022", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/45022", }, { name: "RHSA-2011:0333", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0333.html", }, { name: "ADV-2011-0422", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0422", }, { name: "oval:org.mitre.oval:def:12662", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", }, { name: "HPSBMU02690", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=131041767210772&w=2", }, { name: "ADV-2011-0434", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0434", }, { name: "HPSBUX02633", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=129899347607632&w=2", }, { name: "HPSBOV02762", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "oval:org.mitre.oval:def:14589", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589", }, { name: "HPSBUX02641", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=129960314701922&w=2", }, { name: "RHSA-2011:0213", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0213.html", }, { name: "SSRT100627", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=132215163318824&w=2", }, { tags: [ "x_refsource_MISC", ], url: "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/", }, { name: "ADV-2011-0377", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0377", }, { name: "44954", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/44954", }, { name: "HPSBOV02634", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497132406206&w=2", }, { name: "ADV-2011-0365", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0365", }, { name: "SSRT100415", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130514352726432&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html", }, { name: "RHSA-2011:0880", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0880.html", }, { name: "oval:org.mitre.oval:def:12745", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745", }, { name: "RHSA-2011:0334", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0334.html", }, { name: "RHSA-2011:0282", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0282.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21468358", }, { name: "43048", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43048", }, { name: "DSA-2161", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2011/dsa-2161", }, { name: "SSRT100825", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "ADV-2011-0379", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0379", }, { name: "43304", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43304", }, { name: "RHSA-2011:0211", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0211.html", }, { name: "SSRT100390", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475", }, { name: "SSRT100867", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { name: "49198", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49198", }, { name: "43659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43659", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24029498", }, { name: "HPSBUX02725", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=132215163318824&w=2", }, { name: "SUSE-SA:2011:024", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html", }, { name: "HPSBUX02777", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { name: "oval:org.mitre.oval:def:19493", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493", }, { name: "43333", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43333", }, { name: "SSRT101146", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "SSRT100569", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=131041767210772&w=2", }, { name: "HPSBUX02645", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130168502603566&w=2", }, { name: "RHSA-2011:0212", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0212.html", }, { name: "HPSBUX02642", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130270785502599&w=2", }, { name: "SSRT100854", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html", }, { name: "ADV-2011-0605", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0605", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.fortify.com/blog/2011/02/08/Double-Trouble", }, { name: "HPSBTU02684", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497185606818&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24029497", }, { name: "MDVSA-2011:054", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054", }, { name: "HPSBMU02797", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2010-4476", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "43295", refsource: "SECUNIA", url: "http://secunia.com/advisories/43295", }, { name: "1025062", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1025062", }, { name: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", refsource: "CONFIRM", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", }, { name: "43280", refsource: "SECUNIA", url: "http://secunia.com/advisories/43280", }, { name: "RHSA-2011:0210", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0210.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", }, { name: "GLSA-201406-32", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { name: "oval:org.mitre.oval:def:14328", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328", }, { name: "HPSBMU02799", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { name: "FEDORA-2011-1231", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html", }, { name: "FEDORA-2011-1263", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html", }, { name: "SUSE-SU-2011:0823", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html", }, { name: "HPSBNS02633", refsource: "HP", url: "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475", }, { name: "SSRT100387", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=129899347607632&w=2", }, { name: "HPSBUX02860", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "RHSA-2011:0214", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0214.html", }, { name: "PM31983", refsource: "AIXAPAR", url: "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983", }, { name: "45555", refsource: "SECUNIA", url: "http://secunia.com/advisories/45555", }, { name: "IZ94423", refsource: "AIXAPAR", url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423", }, { name: "43400", refsource: "SECUNIA", url: "http://secunia.com/advisories/43400", }, { name: "SSRT100412", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=129960314701922&w=2", }, { name: "HPSBMA02642", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130514352726432&w=2", }, { name: "43378", refsource: "SECUNIA", url: "http://secunia.com/advisories/43378", }, { name: "45022", refsource: "SECUNIA", url: "http://secunia.com/advisories/45022", }, { name: "RHSA-2011:0333", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0333.html", }, { name: "ADV-2011-0422", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0422", }, { name: "oval:org.mitre.oval:def:12662", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662", }, { name: "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", }, { name: "HPSBMU02690", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=131041767210772&w=2", }, { name: "ADV-2011-0434", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0434", }, { name: "HPSBUX02633", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=129899347607632&w=2", }, { name: "HPSBOV02762", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "oval:org.mitre.oval:def:14589", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589", }, { name: "HPSBUX02641", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=129960314701922&w=2", }, { name: "RHSA-2011:0213", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0213.html", }, { name: "SSRT100627", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=132215163318824&w=2", }, { name: "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/", refsource: "MISC", url: "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/", }, { name: "ADV-2011-0377", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0377", }, { name: "44954", refsource: "SECUNIA", url: "http://secunia.com/advisories/44954", }, { name: "HPSBOV02634", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497132406206&w=2", }, { name: "ADV-2011-0365", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0365", }, { name: "SSRT100415", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130514352726432&w=2", }, { name: "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html", refsource: "CONFIRM", url: "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html", }, { name: "RHSA-2011:0880", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0880.html", }, { name: "oval:org.mitre.oval:def:12745", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745", }, { name: "RHSA-2011:0334", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0334.html", }, { name: "RHSA-2011:0282", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0282.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21468358", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21468358", }, { name: "43048", refsource: "SECUNIA", url: "http://secunia.com/advisories/43048", }, { name: "DSA-2161", refsource: "DEBIAN", url: "http://www.debian.org/security/2011/dsa-2161", }, { name: "SSRT100825", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "ADV-2011-0379", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0379", }, { name: "43304", refsource: "SECUNIA", url: "http://secunia.com/advisories/43304", }, { name: "RHSA-2011:0211", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0211.html", }, { name: "SSRT100390", refsource: "HP", url: "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475", }, { name: "SSRT100867", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { name: "49198", refsource: "SECUNIA", url: "http://secunia.com/advisories/49198", }, { name: "43659", refsource: "SECUNIA", url: "http://secunia.com/advisories/43659", }, { name: "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24029498", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24029498", }, { name: "HPSBUX02725", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=132215163318824&w=2", }, { name: "SUSE-SA:2011:024", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html", }, { name: "HPSBUX02777", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { name: "oval:org.mitre.oval:def:19493", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493", }, { name: "43333", refsource: "SECUNIA", url: "http://secunia.com/advisories/43333", }, { name: "SSRT101146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "SSRT100569", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=131041767210772&w=2", }, { name: "HPSBUX02645", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130168502603566&w=2", }, { name: "RHSA-2011:0212", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0212.html", }, { name: "HPSBUX02642", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130270785502599&w=2", }, { name: "SSRT100854", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html", refsource: "CONFIRM", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html", }, { name: "ADV-2011-0605", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0605", }, { name: "http://blog.fortify.com/blog/2011/02/08/Double-Trouble", refsource: "MISC", url: "http://blog.fortify.com/blog/2011/02/08/Double-Trouble", }, { name: "HPSBTU02684", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497185606818&w=2", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24029497", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24029497", }, { name: "MDVSA-2011:054", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054", }, { name: "HPSBMU02797", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2010-4476", datePublished: "2011-02-17T18:31:00", dateReserved: "2010-12-06T00:00:00", dateUpdated: "2024-08-07T03:43:14.943Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.