[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5712Date: (C)2007-10-30   (M)2023-12-22


The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.6
Exploit Score: 4.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-26227
SECUNIA-27435
SECUNIA-27597
SECUNIA-31961
ADV-2007-3660
ADV-2007-3661
DSA-1640
FEDORA-2007-2788
FEDORA-2007-3157
django-i18n-dos(38143)
http://sourceforge.net/forum/forum.php?forum_id=749199
http://www.djangoproject.com/weblog/2007/oct/26/security-fix

CWE    1
CWE-399
OVAL    1
oval:org.mitre.oval:def:8091

© SecPod Technologies