diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
index 9fd5bacea..ddd041bdb 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
@@ -184,13 +184,21 @@ public class VulnerableSoftware extends IndexEntry implements Serializable, Comp
 if (subMax > 0) {
 for (int x = 0; result == 0 && x < subMax; x++) {
 if (isPositiveInteger(subLeft[x]) && isPositiveInteger(subRight[x])) {
- final int iLeft = Integer.parseInt(subLeft[x]);
- final int iRight = Integer.parseInt(subRight[x]);
- if (iLeft != iRight) {
- if (iLeft > iRight) {
- result = 2;
- } else {
- result = -2;
+ try {
+ result = Long.valueOf(subLeft[x]).compareTo(Long.valueOf(subRight[x]));
+// final long iLeft = Long.parseLong(subLeft[x]);
+// final long iRight = Long.parseLong(subRight[x]);
+// if (iLeft != iRight) {
+// if (iLeft > iRight) {
+// result = 2;
+// } else {
+// result = -2;
+// }
+// }
+ } catch (NumberFormatException ex) {
+ //ignore the exception - they obviously aren't numbers
+ if (!subLeft[x].equalsIgnoreCase(subRight[x])) {
+ result = subLeft[x].compareToIgnoreCase(subRight[x]);
 }
 }
 } else {
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
index e4d0e907d..ad7384ee5 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
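Review bot: The `catch (NumberFormatException ex)` fallback orders the two components with `compareToIgnoreCase`, which is lexicographic and so misorders digit strings of different length; because both values have already passed `isPositiveInteger`, the exception presumably fires only when a component overflows `long`, which makes the comment "they obviously aren't numbers" misleading. This comparison presumably feeds version matching against vulnerability data, where a wrong ordering can place a dependency on the wrong side of an affected range. Replacing the try/catch with `result = new BigInteger(subLeft[x]).compareTo(new BigInteger(subRight[x]));` (plus an import of `java.math.BigInteger`) removes the overflow case entirely. The commented-out `Long.parseLong` block should be deleted rather than committed, and this path now yields ±1 where the old code yielded ±2, so it is worth confirming that no caller depends on the magnitude. The enclosing method begins and ends outside the hunk.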
@@ -87,5 +87,13 @@ public class VulnerableSoftwareTest {
 int expResult = -2;
 int result = instance.compareTo(vs);
 assertEquals(expResult, result);
+
+ vs = new VulnerableSoftware();
+ vs.setCpe("cpe:/a:some:dep:9.2.0.0-20090116170000");
+ instance = new VulnerableSoftware();
+ instance.setCpe("cpe:/a:some:dep:9.2.0.0-20090116170001");
+ expResult = 1;
+ result = instance.compareTo(vs);
+ assertEquals(expResult, result);
 }
 }
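Review bot: The added case only covers components that fit in a `long`, so the `NumberFormatException` fallback introduced in `VulnerableSoftware.compareTo` is left untested. A further pair whose last component exceeds 19 digits and differs in length (constructed example: `cpe:/a:some:dep:9.2.0.0-100000000000000000000` against `cpe:/a:some:dep:9.2.0.0-99999999999999999999`) would pin the ordering for oversized components. Asserting the sign with `assertTrue(result > 0);` instead of the exact value `1` would also stop the test depending on the magnitude, which the same method expects to be `-2` a few lines earlier. The test method begins outside the hunk.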