by exec 5614 days ago
Most of the internet banking systems in my country run on Java. And most of them can be affected if you know where to put this number.

Yes, but fortunately, there is not much reason why anybody would use double when developing a banking system.
They don't have to use it directly.

    GET / HTTP/1.0
    Accept-Language: en;q=2.2250738585072012e-308

If you're running Tomcat and you call getLocale() on that servlet request, you're toast.

This is precisely why "q" is defined only to accept three digits after the decimal. It's actually not a floating point number, and anyone who parses it as such is just being lazy.

"q" is more properly represented natively as an integer between 0 and 1000.

Apparently q is not properly parsed in JBoss, which is based on Apache Tomcat. Scary, no?
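
An added example, not part of the thread and not Tomcat's or JBoss's code: one way to read "q" as an integer from 0 to 1000, as the comment above suggests, following the RFC 2616 qvalue grammar so the header text never reaches a floating-point parser. The class and method names are hypothetical, and dropping entries with a malformed q is a choice made for this sketch.

```java
import java.util.LinkedHashMap;
import java.util.Map;

public class QValue {
    /** Parses an RFC 2616 qvalue into thousandths (0..1000); returns -1 if malformed. */
    static int parseQ(String s) {
        int n = s.length();
        if (n == 0 || n > 5) return -1;             // longest legal form is "0.123"
        char lead = s.charAt(0);
        if (lead != '0' && lead != '1') return -1;
        if (n == 1) return lead == '1' ? 1000 : 0;
        if (s.charAt(1) != '.') return -1;
        int frac = 0, scale = 100;
        for (int i = 2; i < n; i++, scale /= 10) {
            char c = s.charAt(i);
            if (c < '0' || c > '9') return -1;      // rejects 'e', '-', signs, spaces
            frac += (c - '0') * scale;
        }
        if (lead == '1') return frac == 0 ? 1000 : -1;  // "1.001" is out of range
        return frac;
    }

    /** Maps each language range to its q in thousandths; a malformed q drops the entry. */
    static Map<String, Integer> parseAcceptLanguage(String header) {
        Map<String, Integer> out = new LinkedHashMap<>();
        for (String item : header.split(",")) {
            String[] parts = item.trim().split(";");
            String tag = parts[0].trim();
            if (tag.isEmpty()) continue;
            int q = 1000;                            // default when no q parameter is given
            for (int i = 1; i < parts.length; i++) {
                String p = parts[i].trim();
                if (p.startsWith("q=")) q = parseQ(p.substring(2));
            }
            if (q >= 0) out.put(tag, q);
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample header, then the header value quoted in the thread.
        System.out.println(parseAcceptLanguage("da, en-gb;q=0.8, en;q=0.7"));
        System.out.println(parseAcceptLanguage("en;q=2.2250738585072012e-308"));
    }
}
```

The length cap and digit-only loop bound the work per q parameter to five characters, so the value from the thread is rejected before any numeric conversion happens.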