5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.041 Low
EPSS
Percentile
91.3%
JBoss Web Server is the web container, based on Apache Tomcat, in JBoss
Enterprise Application Platform. It provides a single deployment platform
for the JavaServer Pages (JSP) and Java Servlet technologies.
A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to cause
JBoss Web Server to hang via a specially-crafted HTTP request.
(CVE-2010-4476)
All users of Enterprise Application Platform 4.2, 4.3, and 5.1 as provided
from the Red Hat Customer Portal are advised to apply this patch. Refer to
the Solution section of this erratum for patch download instructions. The
JBoss server process must be restarted for this update to take effect.