csaf_redhat - rhsa-2011

rhsa-2011_0348

Vulnerability from csaf_redhat

Published

2011-03-11 00:35

Modified

2024-11-05 17:28

Summary

Red Hat Security Advisory: tomcat6 security update

Notes

Topic

Updated tomcat6 packages that fix two security issues are now available for JBoss Enterprise Web Server 1.0. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Tomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476) A flaw was found in the Tomcat NIO (Non-Blocking I/O) connector. A remote attacker could use this flaw to cause a denial of service (out-of-memory condition) via a specially-crafted request containing a large NIO buffer size request value. (CVE-2011-0534) Users of Tomcat should upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated tomcat6 packages that fix two security issues are now available for\nJBoss Enterprise Web Server 1.0.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA denial of service flaw was found in the way certain strings were\nconverted to Double objects. A remote attacker could use this flaw to cause\nTomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476)\n\nA flaw was found in the Tomcat NIO (Non-Blocking I/O) connector. A remote\nattacker could use this flaw to cause a denial of service (out-of-memory\ncondition) via a specially-crafted request containing a large NIO buffer\nsize request value. (CVE-2011-0534)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Tomcat must be restarted for\nthis update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2011:0348",
        "url": "https://access.redhat.com/errata/RHSA-2011:0348"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "http://tomcat.apache.org/security-6.html",
        "url": "http://tomcat.apache.org/security-6.html"
      },
      {
        "category": "external",
        "summary": "674336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=674336"
      },
      {
        "category": "external",
        "summary": "675338",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=675338"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0348.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat6 security update",
    "tracking": {
      "current_release_date": "2024-11-05T17:28:31+00:00",
      "generator": {
        "date": "2024-11-05T17:28:31+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2011:0348",
      "initial_release_date": "2011-03-11T00:35:00+00:00",
      "revision_history": [
        {
          "date": "2011-03-11T00:35:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2011-03-10T19:38:28+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-05T17:28:31+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
                "product": {
                  "name": "Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
                  "product_id": "4AS-JBEWS-5.0.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
                "product": {
                  "name": "Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
                  "product_id": "4ES-JBEWS-5.0.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
                  "product_id": "5Server-JBEWS-5.0.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                "product": {
                  "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_id": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-11.patch_03.ep5.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_id": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-11.patch_03.ep5.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
                "product": {
                  "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
                  "product_id": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-11.patch_03.ep5.el4?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
                "product": {
                  "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
                  "product_id": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-11.patch_03.ep5.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src"
        },
        "product_reference": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
          "product_id": "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4AS-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src"
        },
        "product_reference": "tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
          "product_id": "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
        "relates_to_product_reference": "4ES-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src"
        },
        "product_reference": "tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
          "product_id": "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
        "relates_to_product_reference": "5Server-JBEWS-5.0.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2010-4476",
      "discovery_date": "2011-02-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "674336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "JDK Double.parseDouble Denial-Of-Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
          "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
          "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
          "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-4476"
        },
        {
          "category": "external",
          "summary": "RHBZ#674336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=674336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-4476",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4476",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4476"
        }
      ],
      "release_date": "2011-02-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-03-11T00:35:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
            "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0348"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
            "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "JDK Double.parseDouble Denial-Of-Service"
    },
    {
      "cve": "CVE-2011-0534",
      "discovery_date": "2011-02-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "675338"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: remote DoS via NIO connector",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
          "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
          "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
          "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
          "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2011-0534"
        },
        {
          "category": "external",
          "summary": "RHBZ#675338",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=675338"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0534",
          "url": "https://www.cve.org/CVERecord?id=CVE-2011-0534"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0534",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0534"
        }
      ],
      "release_date": "2011-01-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-03-11T00:35:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
            "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0348"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el4.src",
            "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el4.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-11.patch_03.ep5.el5.src",
            "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-11.patch_03.ep5.el5.noarch",
            "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-11.patch_03.ep5.el5.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: remote DoS via NIO connector"
    }
  ]
}

cve-2011-0534

Vulnerability from cvelistv5

Published

2011-02-10 17:00

Modified

2024-08-06 21:58

Severity ?

Summary

Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.

References

▼	URL	Tags
	http://securityreason.com/securityalert/8074	third-party-advisory, x_refsource_SREASON
	http://www.securitytracker.com/id?1025027	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/45022	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://osvdb.org/70809	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/archive/1/516214/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://www.vupen.com/english/advisories/2011/0293	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/57126	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/65162	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/46164	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/43192	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2011/dsa-2160	vendor-advisory, x_refsource_DEBIAN
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
	http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.8_%28released_5_Feb_2011%29	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=139344343412337&w=2	vendor-advisory, x_refsource_HP
	http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html	x_refsource_CONFIRM
	http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.32	x_refsource_CONFIRM

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:58:24.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "8074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8074"
          },
          {
            "name": "1025027",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025027"
          },
          {
            "name": "45022",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45022"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "70809",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/70809"
          },
          {
            "name": "20110205 [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516214/100/0/threaded"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "ADV-2011-0293",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0293"
          },
          {
            "name": "57126",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57126"
          },
          {
            "name": "tomcat-nio-connector-dos(65162)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65162"
          },
          {
            "name": "46164",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46164"
          },
          {
            "name": "43192",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43192"
          },
          {
            "name": "DSA-2160",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2160"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.8_%28released_5_Feb_2011%29"
          },
          {
            "name": "HPSBST02955",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.32"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "8074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8074"
        },
        {
          "name": "1025027",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025027"
        },
        {
          "name": "45022",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45022"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "70809",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/70809"
        },
        {
          "name": "20110205 [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516214/100/0/threaded"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "name": "ADV-2011-0293",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0293"
        },
        {
          "name": "57126",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57126"
        },
        {
          "name": "tomcat-nio-connector-dos(65162)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65162"
        },
        {
          "name": "46164",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46164"
        },
        {
          "name": "43192",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43192"
        },
        {
          "name": "DSA-2160",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2160"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.8_%28released_5_Feb_2011%29"
        },
        {
          "name": "HPSBST02955",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.32"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-0534",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "8074",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8074"
            },
            {
              "name": "1025027",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025027"
            },
            {
              "name": "45022",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45022"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "70809",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/70809"
            },
            {
              "name": "20110205 [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/516214/100/0/threaded"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "ADV-2011-0293",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0293"
            },
            {
              "name": "57126",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57126"
            },
            {
              "name": "tomcat-nio-connector-dos(65162)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65162"
            },
            {
              "name": "46164",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46164"
            },
            {
              "name": "43192",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43192"
            },
            {
              "name": "DSA-2160",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2160"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.8_(released_5_Feb_2011)",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.8_(released_5_Feb_2011)"
            },
            {
              "name": "HPSBST02955",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
            },
            {
              "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
            },
            {
              "name": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.32",
              "refsource": "CONFIRM",
              "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.32"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-0534",
    "datePublished": "2011-02-10T17:00:00",
    "dateReserved": "2011-01-20T00:00:00",
    "dateUpdated": "2024-08-06T21:58:24.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-4476

Vulnerability from cvelistv5

Published

2011-02-17 18:31

Modified

2024-08-07 03:43

Severity ?

Summary

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

References

▼	URL	Tags
	http://secunia.com/advisories/43295	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1025062	vdb-entry, x_refsource_SECTRACK
	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html	x_refsource_CONFIRM
	http://secunia.com/advisories/43280	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-0210.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=bugtraq&m=134254866602253&w=2	vendor-advisory, x_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html	vendor-advisory, x_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html	vendor-advisory, x_refsource_SUSE
	http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=129899347607632&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisory, x_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-0214.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/45555	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/43400	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=129960314701922&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=130514352726432&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/43378	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/45022	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-0333.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0422	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662	vdb-entry, signature, x_refsource_OVAL
	http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=131041767210772&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0434	vdb-entry, x_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=129899347607632&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisory, x_refsource_HP
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=bugtraq&m=129960314701922&w=2	vendor-advisory, x_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-0213.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=132215163318824&w=2	vendor-advisory, x_refsource_HP
	http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/	x_refsource_MISC
	http://www.vupen.com/english/advisories/2011/0377	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/44954	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=130497132406206&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0365	vdb-entry, x_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=130514352726432&w=2	vendor-advisory, x_refsource_HP
	http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2011-0880.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2011-0334.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2011-0282.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21468358	x_refsource_CONFIRM
	http://secunia.com/advisories/43048	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2011/dsa-2161	vendor-advisory, x_refsource_DEBIAN
	http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0379	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43304	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-0211.html	vendor-advisory, x_refsource_REDHAT
	http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/49198	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43659	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg24029498	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=132215163318824&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=133728004526190&w=2	vendor-advisory, x_refsource_HP
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/43333	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=131041767210772&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=130168502603566&w=2	vendor-advisory, x_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-0212.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=130270785502599&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=133728004526190&w=2	vendor-advisory, x_refsource_HP
	http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0605	vdb-entry, x_refsource_VUPEN
	http://blog.fortify.com/blog/2011/02/08/Double-Trouble	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=130497185606818&w=2	vendor-advisory, x_refsource_HP
	http://www.ibm.com/support/docview.wss?uid=swg24029497	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:054	vendor-advisory, x_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisory, x_refsource_HP

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:43:14.943Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43295",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43295"
          },
          {
            "name": "1025062",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
          },
          {
            "name": "43280",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43280"
          },
          {
            "name": "RHSA-2011:0210",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:14328",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
          },
          {
            "name": "HPSBMU02799",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "name": "FEDORA-2011-1231",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
          },
          {
            "name": "FEDORA-2011-1263",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
          },
          {
            "name": "SUSE-SU-2011:0823",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
          },
          {
            "name": "HPSBNS02633",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
          },
          {
            "name": "SSRT100387",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
          },
          {
            "name": "HPSBUX02860",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
          },
          {
            "name": "RHSA-2011:0214",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
          },
          {
            "name": "PM31983",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
          },
          {
            "name": "45555",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45555"
          },
          {
            "name": "IZ94423",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
          },
          {
            "name": "43400",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43400"
          },
          {
            "name": "SSRT100412",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
          },
          {
            "name": "HPSBMA02642",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
          },
          {
            "name": "43378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43378"
          },
          {
            "name": "45022",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45022"
          },
          {
            "name": "RHSA-2011:0333",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
          },
          {
            "name": "ADV-2011-0422",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0422"
          },
          {
            "name": "oval:org.mitre.oval:def:12662",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
          },
          {
            "name": "HPSBMU02690",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
          },
          {
            "name": "ADV-2011-0434",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0434"
          },
          {
            "name": "HPSBUX02633",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
          },
          {
            "name": "HPSBOV02762",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:14589",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
          },
          {
            "name": "HPSBUX02641",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
          },
          {
            "name": "RHSA-2011:0213",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
          },
          {
            "name": "SSRT100627",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/"
          },
          {
            "name": "ADV-2011-0377",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0377"
          },
          {
            "name": "44954",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44954"
          },
          {
            "name": "HPSBOV02634",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
          },
          {
            "name": "ADV-2011-0365",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0365"
          },
          {
            "name": "SSRT100415",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
          },
          {
            "name": "RHSA-2011:0880",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
          },
          {
            "name": "oval:org.mitre.oval:def:12745",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
          },
          {
            "name": "RHSA-2011:0334",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
          },
          {
            "name": "RHSA-2011:0282",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
          },
          {
            "name": "43048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43048"
          },
          {
            "name": "DSA-2161",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2161"
          },
          {
            "name": "SSRT100825",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
          },
          {
            "name": "ADV-2011-0379",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0379"
          },
          {
            "name": "43304",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43304"
          },
          {
            "name": "RHSA-2011:0211",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
          },
          {
            "name": "SSRT100390",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
          },
          {
            "name": "SSRT100867",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "49198",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49198"
          },
          {
            "name": "43659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43659"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
          },
          {
            "name": "HPSBUX02725",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
          },
          {
            "name": "SUSE-SA:2011:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
          },
          {
            "name": "HPSBUX02777",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:19493",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
          },
          {
            "name": "43333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43333"
          },
          {
            "name": "SSRT101146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
          },
          {
            "name": "SSRT100569",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
          },
          {
            "name": "HPSBUX02645",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
          },
          {
            "name": "RHSA-2011:0212",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
          },
          {
            "name": "HPSBUX02642",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
          },
          {
            "name": "SSRT100854",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
          },
          {
            "name": "ADV-2011-0605",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0605"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
          },
          {
            "name": "HPSBTU02684",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
          },
          {
            "name": "MDVSA-2011:054",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
          },
          {
            "name": "HPSBMU02797",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-21T18:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "43295",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43295"
        },
        {
          "name": "1025062",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
        },
        {
          "name": "43280",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43280"
        },
        {
          "name": "RHSA-2011:0210",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:14328",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
        },
        {
          "name": "HPSBMU02799",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
        },
        {
          "name": "FEDORA-2011-1231",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
        },
        {
          "name": "FEDORA-2011-1263",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
        },
        {
          "name": "SUSE-SU-2011:0823",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
        },
        {
          "name": "HPSBNS02633",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
        },
        {
          "name": "SSRT100387",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
        },
        {
          "name": "HPSBUX02860",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
        },
        {
          "name": "RHSA-2011:0214",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
        },
        {
          "name": "PM31983",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
        },
        {
          "name": "45555",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45555"
        },
        {
          "name": "IZ94423",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
        },
        {
          "name": "43400",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43400"
        },
        {
          "name": "SSRT100412",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
        },
        {
          "name": "HPSBMA02642",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
        },
        {
          "name": "43378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43378"
        },
        {
          "name": "45022",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45022"
        },
        {
          "name": "RHSA-2011:0333",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
        },
        {
          "name": "ADV-2011-0422",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0422"
        },
        {
          "name": "oval:org.mitre.oval:def:12662",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
        },
        {
          "name": "HPSBMU02690",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
        },
        {
          "name": "ADV-2011-0434",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0434"
        },
        {
          "name": "HPSBUX02633",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
        },
        {
          "name": "HPSBOV02762",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:14589",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
        },
        {
          "name": "HPSBUX02641",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
        },
        {
          "name": "RHSA-2011:0213",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
        },
        {
          "name": "SSRT100627",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/"
        },
        {
          "name": "ADV-2011-0377",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0377"
        },
        {
          "name": "44954",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44954"
        },
        {
          "name": "HPSBOV02634",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
        },
        {
          "name": "ADV-2011-0365",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0365"
        },
        {
          "name": "SSRT100415",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
        },
        {
          "name": "RHSA-2011:0880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
        },
        {
          "name": "oval:org.mitre.oval:def:12745",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
        },
        {
          "name": "RHSA-2011:0334",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
        },
        {
          "name": "RHSA-2011:0282",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
        },
        {
          "name": "43048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43048"
        },
        {
          "name": "DSA-2161",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2161"
        },
        {
          "name": "SSRT100825",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
        },
        {
          "name": "ADV-2011-0379",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0379"
        },
        {
          "name": "43304",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43304"
        },
        {
          "name": "RHSA-2011:0211",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
        },
        {
          "name": "SSRT100390",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
        },
        {
          "name": "SSRT100867",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "name": "49198",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49198"
        },
        {
          "name": "43659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43659"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
        },
        {
          "name": "HPSBUX02725",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
        },
        {
          "name": "SUSE-SA:2011:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
        },
        {
          "name": "HPSBUX02777",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:19493",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
        },
        {
          "name": "43333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43333"
        },
        {
          "name": "SSRT101146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
        },
        {
          "name": "SSRT100569",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
        },
        {
          "name": "HPSBUX02645",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
        },
        {
          "name": "RHSA-2011:0212",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
        },
        {
          "name": "HPSBUX02642",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
        },
        {
          "name": "SSRT100854",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
        },
        {
          "name": "ADV-2011-0605",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0605"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
        },
        {
          "name": "HPSBTU02684",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
        },
        {
          "name": "MDVSA-2011:054",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
        },
        {
          "name": "HPSBMU02797",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2010-4476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43295",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43295"
            },
            {
              "name": "1025062",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025062"
            },
            {
              "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html",
              "refsource": "CONFIRM",
              "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html"
            },
            {
              "name": "43280",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43280"
            },
            {
              "name": "RHSA-2011:0210",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0210.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:14328",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "FEDORA-2011-1231",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html"
            },
            {
              "name": "FEDORA-2011-1263",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html"
            },
            {
              "name": "SUSE-SU-2011:0823",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
            },
            {
              "name": "HPSBNS02633",
              "refsource": "HP",
              "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
            },
            {
              "name": "SSRT100387",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
            },
            {
              "name": "HPSBUX02860",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
            },
            {
              "name": "RHSA-2011:0214",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0214.html"
            },
            {
              "name": "PM31983",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983"
            },
            {
              "name": "45555",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45555"
            },
            {
              "name": "IZ94423",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423"
            },
            {
              "name": "43400",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43400"
            },
            {
              "name": "SSRT100412",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
            },
            {
              "name": "HPSBMA02642",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
            },
            {
              "name": "43378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43378"
            },
            {
              "name": "45022",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45022"
            },
            {
              "name": "RHSA-2011:0333",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0333.html"
            },
            {
              "name": "ADV-2011-0422",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0422"
            },
            {
              "name": "oval:org.mitre.oval:def:12662",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"
            },
            {
              "name": "HPSBMU02690",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
            },
            {
              "name": "ADV-2011-0434",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0434"
            },
            {
              "name": "HPSBUX02633",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129899347607632\u0026w=2"
            },
            {
              "name": "HPSBOV02762",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:14589",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589"
            },
            {
              "name": "HPSBUX02641",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=129960314701922\u0026w=2"
            },
            {
              "name": "RHSA-2011:0213",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0213.html"
            },
            {
              "name": "SSRT100627",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
            },
            {
              "name": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/",
              "refsource": "MISC",
              "url": "http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/"
            },
            {
              "name": "ADV-2011-0377",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0377"
            },
            {
              "name": "44954",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44954"
            },
            {
              "name": "HPSBOV02634",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130497132406206\u0026w=2"
            },
            {
              "name": "ADV-2011-0365",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0365"
            },
            {
              "name": "SSRT100415",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130514352726432\u0026w=2"
            },
            {
              "name": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html",
              "refsource": "CONFIRM",
              "url": "http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html"
            },
            {
              "name": "RHSA-2011:0880",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
            },
            {
              "name": "oval:org.mitre.oval:def:12745",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745"
            },
            {
              "name": "RHSA-2011:0334",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0334.html"
            },
            {
              "name": "RHSA-2011:0282",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21468358"
            },
            {
              "name": "43048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43048"
            },
            {
              "name": "DSA-2161",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2161"
            },
            {
              "name": "SSRT100825",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
            },
            {
              "name": "ADV-2011-0379",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0379"
            },
            {
              "name": "43304",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43304"
            },
            {
              "name": "RHSA-2011:0211",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0211.html"
            },
            {
              "name": "SSRT100390",
              "refsource": "HP",
              "url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715\u0026admit=109447627+1298159618320+28353475"
            },
            {
              "name": "SSRT100867",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "49198",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49198"
            },
            {
              "name": "43659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43659"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg24029498",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg24029498"
            },
            {
              "name": "HPSBUX02725",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
            },
            {
              "name": "SUSE-SA:2011:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
            },
            {
              "name": "HPSBUX02777",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:19493",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493"
            },
            {
              "name": "43333",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43333"
            },
            {
              "name": "SSRT101146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
            },
            {
              "name": "SSRT100569",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=131041767210772\u0026w=2"
            },
            {
              "name": "HPSBUX02645",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130168502603566\u0026w=2"
            },
            {
              "name": "RHSA-2011:0212",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0212.html"
            },
            {
              "name": "HPSBUX02642",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130270785502599\u0026w=2"
            },
            {
              "name": "SSRT100854",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
            },
            {
              "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
            },
            {
              "name": "ADV-2011-0605",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0605"
            },
            {
              "name": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble",
              "refsource": "MISC",
              "url": "http://blog.fortify.com/blog/2011/02/08/Double-Trouble"
            },
            {
              "name": "HPSBTU02684",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130497185606818\u0026w=2"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg24029497",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
            },
            {
              "name": "MDVSA-2011:054",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
            },
            {
              "name": "HPSBMU02797",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2010-4476",
    "datePublished": "2011-02-17T18:31:00",
    "dateReserved": "2010-12-06T00:00:00",
    "dateUpdated": "2024-08-07T03:43:14.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2011_0348

Vulnerability from csaf_redhat

cve-2011-0534

Vulnerability from cvelistv5

cve-2010-4476

Vulnerability from cvelistv5

Tags