WebLogic 10.3.2 and Security Alert CVE-2010-4476
Hi
We are using WebLogic 10.3.2 (with embedded jdk160_14_R27.6.5-32 and embedded jrockit_160_14_R27.6.5-32 ) on LINUX as well as WebLogic 10.3.2 (with embedded jdk160_14 and additional jrmc-3.1.2-1.6.0 ) on UNIX.
Facing the Security Alert CVE-2010-4476 (JRE hangs when converting <..> to a binary floating-point number) I have the questions..
- are these versions of JDK/JRockit affected by CVE-2010-4476?
- if yes: how do these versions need to be patched?
thanks and regards
..Andi
We are using WebLogic 10.3.2 (with embedded jdk160_14_R27.6.5-32 and embedded jrockit_160_14_R27.6.5-32 ) on LINUX as well as WebLogic 10.3.2 (with embedded jdk160_14 and additional jrmc-3.1.2-1.6.0 ) on UNIX.
Facing the Security Alert CVE-2010-4476 (JRE hangs when converting <..> to a binary floating-point number) I have the questions..
- are these versions of JDK/JRockit affected by CVE-2010-4476?
- if yes: how do these versions need to be patched?
thanks and regards
..Andi
0