CVE-2010-4476 : Detalhe

CVE-2010-4476

45.15%V4
Network
2011-02-17
18h31 +00:00
2024-08-07
03h43 +00:00
CVE.org
NVD
Notificações para um CVE
Fique informado sobre quaisquer alterações para um CVE específico.
Gerenciar notificações

Descrições CVE

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

Informações CVE

Métricas

Métricas Pontuação Gravidade CVSS Vetor Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

O EPSS é um modelo de pontuação que prevê a probabilidade de uma vulnerabilidade ser explorada.

Pontuação EPSS

O modelo EPSS produz uma pontuação de probabilidade entre 0 e 1 (0 e 100%). Quanto maior a pontuação, maior a probabilidade de uma vulnerabilidade ser explorada.

Percentil EPSS

O percentil é usado para classificar os CVEs de acordo com sua pontuação EPSS. Por exemplo, um CVE no percentil 95 segundo sua pontuação EPSS tem mais probabilidade de ser explorado do que 95% dos outros CVEs. Assim, o percentil é usado para comparar a pontuação EPSS de um CVE com a de outros CVEs.
EPSS First.org

Informações sobre exploit

Exploit Database EDB-ID : 35304

Data de publicação : 2011-01-31 23h00 +00:00
Autor : Konstantin Preisser
Verificado pelo EDB : Yes

Products Mentioned

Configuraton 0

Sun>>Jre >> Version To (including) 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0

Configuraton 0

Sun>>Jdk >> Version To (including) 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0

Configuraton 0

Sun>>Jdk >> Version To (including) 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.5.0

Configuraton 0

Sun>>Sdk >> Version To (including) 1.4.2_29

Sun>>Sdk >> Version 1.4.2

Sun>>Sdk >> Version 1.4.2_1

Sun>>Sdk >> Version 1.4.2_02

Sun>>Sdk >> Version 1.4.2_3

Sun>>Sdk >> Version 1.4.2_4

Sun>>Sdk >> Version 1.4.2_5

Sun>>Sdk >> Version 1.4.2_6

Sun>>Sdk >> Version 1.4.2_7

Sun>>Sdk >> Version 1.4.2_8

Sun>>Sdk >> Version 1.4.2_9

Sun>>Sdk >> Version 1.4.2_10

Sun>>Sdk >> Version 1.4.2_11

Sun>>Sdk >> Version 1.4.2_12

Sun>>Sdk >> Version 1.4.2_13

Sun>>Sdk >> Version 1.4.2_14

Sun>>Sdk >> Version 1.4.2_15

Sun>>Sdk >> Version 1.4.2_16

Sun>>Sdk >> Version 1.4.2_17

Sun>>Sdk >> Version 1.4.2_18

Sun>>Sdk >> Version 1.4.2_19

Sun>>Sdk >> Version 1.4.2_20

Sun>>Sdk >> Version 1.4.2_21

Sun>>Sdk >> Version 1.4.2_22

Sun>>Sdk >> Version 1.4.2_23

Sun>>Sdk >> Version 1.4.2_24

Sun>>Sdk >> Version 1.4.2_25

Sun>>Sdk >> Version 1.4.2_26

Sun>>Sdk >> Version 1.4.2_27

Sun>>Sdk >> Version 1.4.2_28

Configuraton 0

Sun>>Jre >> Version To (including) 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.5.0

Configuraton 0

Sun>>Jre >> Version To (including) 1.4.2_29

Sun>>Jre >> Version 1.4.2

Sun>>Jre >> Version 1.4.2_1

Sun>>Jre >> Version 1.4.2_2

Sun>>Jre >> Version 1.4.2_3

Sun>>Jre >> Version 1.4.2_4

Sun>>Jre >> Version 1.4.2_5

Sun>>Jre >> Version 1.4.2_6

Sun>>Jre >> Version 1.4.2_7

Sun>>Jre >> Version 1.4.2_8

Sun>>Jre >> Version 1.4.2_9

Sun>>Jre >> Version 1.4.2_10

Sun>>Jre >> Version 1.4.2_11

Sun>>Jre >> Version 1.4.2_12

Sun>>Jre >> Version 1.4.2_13

Sun>>Jre >> Version 1.4.2_14

Sun>>Jre >> Version 1.4.2_15

Sun>>Jre >> Version 1.4.2_16

Sun>>Jre >> Version 1.4.2_17

Sun>>Jre >> Version 1.4.2_18

Sun>>Jre >> Version 1.4.2_19

Sun>>Jre >> Version 1.4.2_20

Sun>>Jre >> Version 1.4.2_21

Sun>>Jre >> Version 1.4.2_22

Sun>>Jre >> Version 1.4.2_23

Sun>>Jre >> Version 1.4.2_24

Sun>>Jre >> Version 1.4.2_25

Sun>>Jre >> Version 1.4.2_26

Sun>>Jre >> Version 1.4.2_27

Sun>>Jre >> Version 1.4.2_28

Referências

http://secunia.com/advisories/43295
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1025062
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/43280
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0210.html
Tags : vendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201406-32.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://marc.info/?l=bugtraq&m=134254866602253&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=129899347607632&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=136485229118404&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0214.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983
Tags : vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/45555
Tags : third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423
Tags : vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/43400
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=129960314701922&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=130514352726432&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/43378
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/45022
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0333.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0422
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=131041767210772&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0434
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=129899347607632&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=129960314701922&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0213.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=132215163318824&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0377
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/44954
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=130497132406206&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0365
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130514352726432&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0880.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0334.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0282.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/43048
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2161
Tags : vendor-advisory, x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0379
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/43304
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0211.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=134254957702612&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/49198
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/43659
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=132215163318824&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/43333
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=136485229118404&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=131041767210772&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=130168502603566&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2011-0212.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=130270785502599&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2011/0605
Tags : vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130497185606818&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054
Tags : vendor-advisory, x_refsource_MANDRIVA
http://marc.info/?l=bugtraq&m=134254957702612&w=2
Tags : vendor-advisory, x_refsource_HP
As informações apresentadas no CVE Find originam-se de várias fontes de referência cuidadosamente selecionadas. Os dados CVE são fornecidos pela MITRE Corporation e pelo National Vulnerability Database (NVD). O catálogo de Vulnerabilidades Conhecidas Exploradas (KEV) é proveniente da Cybersecurity and Infrastructure Security Agency (CISA), enquanto as pontuações EPSS vêm do FIRST.org. Além disso, os dados sobre fraquezas de software (CWE) e padrões de ataque comuns (CAPEC) são mantidos pela MITRE Corporation, e as informações sobre configurações de hardware e software (CPE) são fornecidas pelo NVD.