Severity: : Medium
  CVE Kennungen: : CVE-2010-4476
  Advisory Date: 21 de июля de 2015

  DESCRIPTION

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004610
  Trend Micro Deep Security DPI Rule Name: 1004610 - Oracle Java SE And Java For Business Remote Security Vulnerability (CVE-2010-4476)

  AFFECTED SOFTWARE AND VERSION:

  • sun jdk 1.5.0
  • sun jdk 1.6.0
  • sun jre 1.4.2
  • sun jre 1.4.2_1
  • sun jre 1.4.2_10
  • sun jre 1.4.2_11
  • sun jre 1.4.2_12
  • sun jre 1.4.2_13
  • sun jre 1.4.2_14
  • sun jre 1.4.2_15
  • sun jre 1.4.2_16
  • sun jre 1.4.2_17
  • sun jre 1.4.2_18
  • sun jre 1.4.2_19
  • sun jre 1.4.2_20
  • sun jre 1.4.2_21
  • sun jre 1.4.2_22
  • sun jre 1.4.2_23
  • sun jre 1.4.2_24
  • sun jre 1.4.2_25
  • sun jre 1.4.2_26
  • sun jre 1.4.2_27
  • sun jre 1.4.2_28
  • sun jre 1.4.2_29
  • sun jre 1.5.0
  • sun jre 1.6.0
  • sun sdk 1.4.2
  • sun sdk 1.4.2_02
  • sun sdk 1.4.2_1
  • sun sdk 1.4.2_10
  • sun sdk 1.4.2_11
  • sun sdk 1.4.2_12
  • sun sdk 1.4.2_13
  • sun sdk 1.4.2_14
  • sun sdk 1.4.2_15
  • sun sdk 1.4.2_16
  • sun sdk 1.4.2_17
  • sun sdk 1.4.2_18
  • sun sdk 1.4.2_19
  • sun sdk 1.4.2_20
  • sun sdk 1.4.2_21
  • sun sdk 1.4.2_22
  • sun sdk 1.4.2_23
  • sun sdk 1.4.2_24
  • sun sdk 1.4.2_25
  • sun sdk 1.4.2_26
  • sun sdk 1.4.2_27
  • sun sdk 1.4.2_28
  • sun sdk 1.4.2_29
  • sun sdk 1.4.2_3
  • sun sdk 1.4.2_4
  • sun sdk 1.4.2_5
  • sun sdk 1.4.2_6
  • sun sdk 1.4.2_7
  • sun sdk 1.4.2_8
  • sun sdk 1.4.2_9