Denial of service vulnerability in Double.parseDouble method in Java Runtime Environment (JRE) in Oracle JavaID: oval:org.secpod.oval:def:2740 | Date: (C)2011-11-10 (M)2022-10-10 |
Class: VULNERABILITY | Family: macos |
The host is installed with Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number. Successful exploitation could allow attackers to crash the service.
Platform: |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.15 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.8 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X Server 10.8 |
Apple Mac OS X Server 10.9 |
Apple Mac OS X Server 10.10 |