CVE-2010-4476 : Detail

CVE-2010-4476

45.15%V4
Network
2011-02-17
17h31 +00:00
2017-12-21
17h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Exploit information

Exploit Database EDB-ID : 35304

Publication date : 2011-01-31 23h00 +00:00
Author : Konstantin Preisser
EDB Verified : Yes

Products Mentioned

Configuraton 0

Sun>>Jre >> Version To (including) 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Configuraton 0

Sun>>Jdk >> Version To (including) 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Configuraton 0

Sun>>Jdk >> Version To (including) 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Configuraton 0

Sun>>Sdk >> Version To (including) 1.4.2_29

Sun>>Sdk >> Version 1.4.2

Sun>>Sdk >> Version 1.4.2_1

Sun>>Sdk >> Version 1.4.2_02

Sun>>Sdk >> Version 1.4.2_3

Sun>>Sdk >> Version 1.4.2_4

Sun>>Sdk >> Version 1.4.2_5

Sun>>Sdk >> Version 1.4.2_6

Sun>>Sdk >> Version 1.4.2_7

Sun>>Sdk >> Version 1.4.2_8

Sun>>Sdk >> Version 1.4.2_9

Sun>>Sdk >> Version 1.4.2_10

Sun>>Sdk >> Version 1.4.2_11

Sun>>Sdk >> Version 1.4.2_12

Sun>>Sdk >> Version 1.4.2_13

Sun>>Sdk >> Version 1.4.2_14

Sun>>Sdk >> Version 1.4.2_15

Sun>>Sdk >> Version 1.4.2_16

Sun>>Sdk >> Version 1.4.2_17

Sun>>Sdk >> Version 1.4.2_18

Sun>>Sdk >> Version 1.4.2_19

Sun>>Sdk >> Version 1.4.2_20

Sun>>Sdk >> Version 1.4.2_21

Sun>>Sdk >> Version 1.4.2_22

Sun>>Sdk >> Version 1.4.2_23

Sun>>Sdk >> Version 1.4.2_24

Sun>>Sdk >> Version 1.4.2_25

Sun>>Sdk >> Version 1.4.2_26

Sun>>Sdk >> Version 1.4.2_27

Sun>>Sdk >> Version 1.4.2_28

Configuraton 0

Sun>>Jre >> Version To (including) 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Configuraton 0

Sun>>Jre >> Version To (including) 1.4.2_29

Sun>>Jre >> Version 1.4.2

Sun>>Jre >> Version 1.4.2_1

Sun>>Jre >> Version 1.4.2_2

Sun>>Jre >> Version 1.4.2_3

Sun>>Jre >> Version 1.4.2_4

Sun>>Jre >> Version 1.4.2_5

Sun>>Jre >> Version 1.4.2_6

Sun>>Jre >> Version 1.4.2_7

Sun>>Jre >> Version 1.4.2_8

Sun>>Jre >> Version 1.4.2_9

Sun>>Jre >> Version 1.4.2_10

Sun>>Jre >> Version 1.4.2_11

Sun>>Jre >> Version 1.4.2_12

Sun>>Jre >> Version 1.4.2_13

Sun>>Jre >> Version 1.4.2_14

Sun>>Jre >> Version 1.4.2_15

Sun>>Jre >> Version 1.4.2_16

Sun>>Jre >> Version 1.4.2_17

Sun>>Jre >> Version 1.4.2_18

Sun>>Jre >> Version 1.4.2_19

Sun>>Jre >> Version 1.4.2_20

Sun>>Jre >> Version 1.4.2_21

Sun>>Jre >> Version 1.4.2_22

Sun>>Jre >> Version 1.4.2_23

Sun>>Jre >> Version 1.4.2_24

Sun>>Jre >> Version 1.4.2_25

Sun>>Jre >> Version 1.4.2_26

Sun>>Jre >> Version 1.4.2_27

Sun>>Jre >> Version 1.4.2_28

References

http://secunia.com/advisories/43295
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1025062
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/43280
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0210.html
Tags : vendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201406-32.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://marc.info/?l=bugtraq&m=134254866602253&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=129899347607632&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=136485229118404&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0214.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983
Tags : vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/45555
Tags : third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423
Tags : vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/43400
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=129960314701922&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=130514352726432&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/43378
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/45022
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0333.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0422
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=131041767210772&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0434
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=129899347607632&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=129960314701922&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0213.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=132215163318824&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0377
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/44954
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=130497132406206&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0365
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130514352726432&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0880.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0334.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0282.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/43048
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2161
Tags : vendor-advisory, x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0379
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/43304
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0211.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=134254957702612&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/49198
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/43659
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=132215163318824&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/43333
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=136485229118404&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=131041767210772&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=130168502603566&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0212.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=130270785502599&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0605
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130497185606818&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054
Tags : vendor-advisory, x_refsource_MANDRIVA
http://marc.info/?l=bugtraq&m=134254957702612&w=2
Tags : vendor-advisory, x_refsource_HP
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.