Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5712

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2007-5712
Last Modified 07 Mar 2011 12:00:00
Published 30 Oct 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2007-5712

Summary

The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.

Vulnerable Systems

Application

  • Django Project Django 0.91

  • Django Project Django 0.95

  • Django Project Django 0.95.1

  • Django Project Django 0.96


References

CONFIRM - http://www.djangoproject.com/weblog/2007/oct/26/security-fix

DEBIAN - DSA-1640

SECUNIA - 27435

FEDORA - FEDORA-2007-3157

FEDORA - FEDORA-2007-2788

XF - django-i18n-dos(38143)

VUPEN - ADV-2007-3661

VUPEN - ADV-2007-3660

BID - 26227

CONFIRM - http://sourceforge.net/forum/forum.php?forum_id=749199

SECUNIA - 31961

SECUNIA - 27597


Last Updated: 27 May 2016 10:46:14