5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.041 Low
EPSS
Percentile
91.2%
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to cause
Tomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476)
Users of Tomcat should upgrade to these updated packages, which contain a
backported patch to correct this issue. Tomcat must be restarted for this
update to take effect.