Vulnerability Description
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Django Project | Django | 0.91 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27435 (Patch, Vendor Advisory)
- http://secunia.com/advisories/27597 (Vendor Advisory)
- http://secunia.com/advisories/31961 (Vendor Advisory)
- http://sourceforge.net/forum/forum.php?forum_id=749199
- http://www.debian.org/security/2008/dsa-1640 (Patch)
- http://www.djangoproject.com/weblog/2007/oct/26/security-fix (Patch)
- http://www.securityfocus.com/bid/26227
- http://www.vupen.com/english/advisories/2007/3660 (Vendor Advisory)
- http://www.vupen.com/english/advisories/2007/3661 (Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38143
- https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00243.h
- https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00257.h
FAQ
What is CVE-2007-5712?
CVE-2007-5712 is a vulnerability with a CVSS score of 2.6 (LOW). The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows rem...
How severe is CVE-2007-5712?
CVE-2007-5712 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-5712?
Check the references section above for vendor advisories and patch information. Affected products include: Django Project Django.