CVE Vulnerabilities

CVE-2007-5712

Published: Oct 30, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.

Affected Software

Name Vendor Start Version End Version
Django Django_project 0.91 (including) 0.91 (including)
Django Django_project 0.95 (including) 0.95 (including)
Django Django_project 0.95.1 (including) 0.95.1 (including)
Django Django_project 0.96 (including) 0.96 (including)
Python-django Ubuntu feisty *
Python-django Ubuntu gutsy *
Python-django Ubuntu upstream *

References