CVE-2012-3444 in Djangoinfo

Summary

The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

06/14/2012

Disclosure

07/31/2012

Moderation

VulDB entry created

Entries

VDB-61459 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

5.3

EPSS

0.01190

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3444
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3444
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3444/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!