ITM 5.1.2 affected by Java parseDouble vulnerability

Flash (Alert)


The critical issue CVE-2010-4476 can affect the Java Runtime Environment shipped with ITM 5.1.2, creating a potential denial-of-service security exposure.


This Flash addresses the critical issue CVE-2010-4476 (Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number). This vulnerability can cause the JRE to hang or crash, resulting in a denial-of-service exposure.

Even if ITM 5.1.2 does not directly use the double values mentioned in the Java security alert, there is no way to prevent users or malware applications from supplying them and triggering the vulnerability.
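As an added example (not part of the IBM flash or of any IBM tooling), the following Python code scans text such as request logs for decimal literals whose significant digits begin with those of the value quoted above, wherever the decimal point or exponent is placed. The function names and sample lines are constructed for illustration, and the match is deliberately broad: it flags any number with the same leading digits, whatever its exponent.

```python
import re

# Leading significant digits of the value named in the flash
# ("2.2250738585072012e-308"), minus the last digit so near-variants match.
# Assumption: a broad heuristic, chosen here for illustration.
TRIGGER_PREFIX = "2225073858507201"

# Decimal literal: optional sign, digits with optional point, optional exponent.
NUMBER_RE = re.compile(r"[+-]?(?:\d+\.?\d*|\.\d+)(?:[eE][+-]?\d+)?")


def significant_digits(token):
    """Return the mantissa digits with sign, point and leading zeros removed."""
    mantissa = re.split(r"[eE]", token.lstrip("+-"), maxsplit=1)[0]
    return mantissa.replace(".", "").lstrip("0")


def suspicious_numbers(text):
    """Return numeric tokens in text whose significant digits match the trigger."""
    return [m.group(0) for m in NUMBER_RE.finditer(text)
            if significant_digits(m.group(0)).startswith(TRIGGER_PREFIX)]


def scan(lines):
    """Return (line_number, tokens) for each line holding a suspicious number."""
    hits = []
    for number, line in enumerate(lines, start=1):
        tokens = suspicious_numbers(line)
        if tokens:
            hits.append((number, tokens))
    return hits


# Constructed sample input, not taken from any real system.
SAMPLE_LINES = [
    "GET /report?threshold=0.75 HTTP/1.1",
    "GET /report?threshold=2.2250738585072012e-308 HTTP/1.1",
    "GET /report?threshold=0.00022250738585072012e-304 HTTP/1.1",
    "POST /metrics value=22250738585072012e-324",
    "GET /report?threshold=2.225e-308 HTTP/1.1",
]

if __name__ == "__main__":
    for number, tokens in scan(SAMPLE_LINES):
        print(f"line {number}: {tokens}")
```

Hits from such a scan indicate input worth investigating on hosts still running one of the affected JREs; the remediation remains the JRE update described below.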

This vulnerability affects the following JREs shipped with the product:
JRE 1.4.2 SR9
JRE 1.4.2 SR13 FP3 for Linux s-390 platform
JRE 1.5.0 SR11

Fixes for the Java Runtime Environment (JRE)
To remediate this vulnerability, you need to update the Java Runtime Environment (JRE). The JRE provides the libraries, the Java Virtual Machine, and other components needed to run applets and applications.
The following link provides detailed instructions on how to obtain and apply the JRE fix:
IBM Security Alert for CVE-2010-4476

Document information

More support for: IBM Monitoring

Operating system(s): All Platforms
