NVD

Id
45038  
Name
CVE-2012-3443  
Description
The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2012-07-31  
Modified Date
2013-04-10  
Seq
2012-3443  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
225802 45038 CVE-2012-3443 DSA-2529  View
225803 45038 CVE-2012-3443 MDVSA-2012:143  View
225804 45038 CVE-2012-3443 [oss-security] 20120730 CVE Request: Django 1.3.1 and 1.4.0 security issues  View
225805 45038 CVE-2012-3443 [oss-security] 20120730 Re: CVE Request: Django 1.3.1 and 1.4.0 security issues  View
225806 45038 CVE-2012-3443 USN-1560-1  View
225807 45038 CVE-2012-3443 https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27731 JVNDB-2012-003438 Django におけるサービス運用妨害 (メモリ消費) の脆弱性 Django のフォームシステム内の django.forms.ImageField クラスには、画像を検証する際、画像データを完全に展開するため、サービス運用妨害 (メモリ消費) 状態となる脆弱性が存在します。 CVE-2012-3443 56681 CVE-2012-3443 45038 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003438.html 2012-07-30 2012-10-23 View