CVE-2010-4476 : Detalle

CVE-2010-4476

45.15%V4
Network
2011-02-17
18h31 +00:00
2024-08-07
03h43 +00:00
CVE.org
NVD
Notificaciones para una CVE
Manténgase informado sobre cualquier cambio en una CVE específica.
Gestionar notificaciones

Descripciones CVE

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

Informaciones CVE

Métricas

Métricas Puntuación Gravedad CVSS Vector Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

EPSS es un modelo de puntuación que predice la probabilidad de que una vulnerabilidad sea explotada.

Puntuación EPSS

El modelo EPSS produce una puntuación de probabilidad entre 0 y 1 (0 y 100%). Cuanto mayor sea la puntuación, mayor será la probabilidad de que se explote una vulnerabilidad.

Percentil EPSS

El percentil se usa para clasificar las CVE según su puntuación EPSS. Por ejemplo, una CVE en el percentil 95 según su puntuación EPSS tiene más probabilidades de ser explotada que el 95% de otras CVE. Así, el percentil sirve para comparar la puntuación EPSS de una CVE con la de otras CVE.
EPSS First.org

Información del exploit

Exploit Database EDB-ID : 35304

Fecha de publicación : 2011-01-31 23h00 +00:00
Autor : Konstantin Preisser
Verificado por EDB : Yes

Products Mentioned

Configuraton 0

Sun>>Jre >> Version To (including) 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Configuraton 0

Sun>>Jdk >> Version To (including) 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Configuraton 0

Sun>>Jdk >> Version To (including) 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Configuraton 0

Sun>>Sdk >> Version To (including) 1.4.2_29

Sun>>Sdk >> Version 1.4.2

Sun>>Sdk >> Version 1.4.2_1

Sun>>Sdk >> Version 1.4.2_02

Sun>>Sdk >> Version 1.4.2_3

Sun>>Sdk >> Version 1.4.2_4

Sun>>Sdk >> Version 1.4.2_5

Sun>>Sdk >> Version 1.4.2_6

Sun>>Sdk >> Version 1.4.2_7

Sun>>Sdk >> Version 1.4.2_8

Sun>>Sdk >> Version 1.4.2_9

Sun>>Sdk >> Version 1.4.2_10

Sun>>Sdk >> Version 1.4.2_11

Sun>>Sdk >> Version 1.4.2_12

Sun>>Sdk >> Version 1.4.2_13

Sun>>Sdk >> Version 1.4.2_14

Sun>>Sdk >> Version 1.4.2_15

Sun>>Sdk >> Version 1.4.2_16

Sun>>Sdk >> Version 1.4.2_17

Sun>>Sdk >> Version 1.4.2_18

Sun>>Sdk >> Version 1.4.2_19

Sun>>Sdk >> Version 1.4.2_20

Sun>>Sdk >> Version 1.4.2_21

Sun>>Sdk >> Version 1.4.2_22

Sun>>Sdk >> Version 1.4.2_23

Sun>>Sdk >> Version 1.4.2_24

Sun>>Sdk >> Version 1.4.2_25

Sun>>Sdk >> Version 1.4.2_26

Sun>>Sdk >> Version 1.4.2_27

Sun>>Sdk >> Version 1.4.2_28

Configuraton 0

Sun>>Jre >> Version To (including) 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Configuraton 0

Sun>>Jre >> Version To (including) 1.4.2_29

Sun>>Jre >> Version 1.4.2

Sun>>Jre >> Version 1.4.2_1

Sun>>Jre >> Version 1.4.2_2

Sun>>Jre >> Version 1.4.2_3

Sun>>Jre >> Version 1.4.2_4

Sun>>Jre >> Version 1.4.2_5

Sun>>Jre >> Version 1.4.2_6

Sun>>Jre >> Version 1.4.2_7

Sun>>Jre >> Version 1.4.2_8

Sun>>Jre >> Version 1.4.2_9

Sun>>Jre >> Version 1.4.2_10

Sun>>Jre >> Version 1.4.2_11

Sun>>Jre >> Version 1.4.2_12

Sun>>Jre >> Version 1.4.2_13

Sun>>Jre >> Version 1.4.2_14

Sun>>Jre >> Version 1.4.2_15

Sun>>Jre >> Version 1.4.2_16

Sun>>Jre >> Version 1.4.2_17

Sun>>Jre >> Version 1.4.2_18

Sun>>Jre >> Version 1.4.2_19

Sun>>Jre >> Version 1.4.2_20

Sun>>Jre >> Version 1.4.2_21

Sun>>Jre >> Version 1.4.2_22

Sun>>Jre >> Version 1.4.2_23

Sun>>Jre >> Version 1.4.2_24

Sun>>Jre >> Version 1.4.2_25

Sun>>Jre >> Version 1.4.2_26

Sun>>Jre >> Version 1.4.2_27

Sun>>Jre >> Version 1.4.2_28

Referencias

http://secunia.com/advisories/43295
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1025062
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/43280
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0210.html
Tags : vendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201406-32.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://marc.info/?l=bugtraq&m=134254866602253&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=129899347607632&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=136485229118404&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0214.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983
Tags : vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/45555
Tags : third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423
Tags : vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/43400
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=129960314701922&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=130514352726432&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/43378
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/45022
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0333.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0422
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=131041767210772&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0434
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=129899347607632&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=129960314701922&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0213.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=132215163318824&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0377
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/44954
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=130497132406206&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0365
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130514352726432&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0880.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0334.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0282.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/43048
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2161
Tags : vendor-advisory, x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0379
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/43304
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0211.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=134254957702612&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/49198
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/43659
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=132215163318824&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/43333
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=136485229118404&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=131041767210772&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=130168502603566&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0212.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=130270785502599&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0605
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130497185606818&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054
Tags : vendor-advisory, x_refsource_MANDRIVA
http://marc.info/?l=bugtraq&m=134254957702612&w=2
Tags : vendor-advisory, x_refsource_HP
La información presentada en CVE Find proviene de varias fuentes de referencia cuidadosamente seleccionadas. Los datos CVE son proporcionados por MITRE Corporation y la Base de Datos Nacional de Vulnerabilidades (NVD). El catálogo de Vulnerabilidades Explotadas Conocidas (KEV) proviene de la Agencia de Seguridad de Infraestructura y Ciberseguridad (CISA), mientras que las puntuaciones EPSS provienen de FIRST.org. Además, los datos sobre debilidades de software (CWE) y patrones de ataque comunes (CAPEC) son mantenidos por MITRE Corporation, y la información sobre configuraciones de hardware y software (CPE) es proporcionada por la NVD.