CVE-2012-3444
Published: 2012-07-31
Priority: P4 (20) · Severity: medium · CVSS 2.0: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
EPSS: 1.77% (75.4th percentile)
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-django | < python-django 1.4.1-1 (bookworm) | python-django 1.4.1-1 (bookworm) |
| djangoproject | django | <= 1.3 | — |
| djangoproject | django | >= 0 < 1.3.2 | 1.3.2 |
| djangoproject | django | >= 1.4 < 1.4.1 | 1.4.1 |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v2.0) | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | 5.0 | MEDIUM | — |
| vendor_debian | 5.0 | MEDIUM | — |
| vendor_ubuntu | 4.3 | MEDIUM | — |
GHSA
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
ghsa·2022-05-17
CVE-2012-3444 [HIGH] CWE-119 Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
The `get_image_dimensions` function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
OSV
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
osv·2022-05-17
CVE-2012-3444 [HIGH] Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
The `get_image_dimensions` function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
OSV
CVE-2012-3444: The get_image_dimensions function in the image-handling functionality in Django before 1
osv·2012-07-31·CVSS 5.0
CVE-2012-3444 [MEDIUM] CVE-2012-3444: The get_image_dimensions function in the image-handling functionality in Django before 1
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
Ubuntu
Django vulnerabilities
vendor_ubuntu·2012-09-10·CVSS 4.3
CVE-2012-3442 [MEDIUM] Django vulnerabilities
Title: Django vulnerabilities
Summary: Applications using Django could be made to crash or expose sensitive
information.
It was discovered that Django incorrectly validated the scheme of a
redirect target. If a user were tricked into opening a specially crafted
URL, an attacker could possibly exploit this to conduct cross-site
scripting (XSS) attacks. (CVE-2012-3442)
It was discovered that Django incorrectly handled validating certain
images. A remote attacker could use this flaw to cause the server to
consume memory, leading to a denial of service. (CVE-2012-3443)
Jeroen Dekkers discovered that Django incorrectly handled certain image
dimensions. A remote attacker could use this flaw to cause the server to
consume resources, leading to a denial of service. (CVE-2012-3444)
Debian
CVE-2012-3444: python-django - The get_image_dimensions function in the image-handling functionality in Django ...
vendor_debian·2012·CVSS 5.0
CVE-2012-3444 [MEDIUM] CVE-2012-3444: python-django - The get_image_dimensions function in the image-handling functionality in Django ...
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
Scope: local
bookworm: resolved (fixed in 1.4.1-1)
bullseye: resolved (fixed in 1.4.1-1)
forky: resolved (fixed in 1.4.1-1)
sid: resolved (fixed in 1.4.1-1)
trixie: resolved (fixed in 1.4.1-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions() [fedora-all]
bugzilla·2012-07-31·CVSS 5.0
CVE-2012-3444 [MEDIUM] CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions() [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates
Bugzilla
CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions() [epel-all]
bugzilla·2012-07-31·CVSS 5.0
CVE-2012-3444 [MEDIUM] CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions() [epel-all]
Bugzilla
CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions()
bugzilla·2012-07-31·CVSS 5.0
CVE-2012-3444 [MEDIUM] CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions()
James Bennett of the Django Project reports:
Security releases issued
Today the Django team is issuing multiple releases -- Django 1.3.2 and
Django 1.4.1 -- to remedy security issues reported to us.
All users are encouraged to upgrade Django immediately.
Denial-of-service via get_image_dimensions()
Django's image-handling facilities also include helper methods to
determine the dimensions of an image. Currently, the process for this
involves reading a 1024-byte chunk from the start of the file, and
passing to PIL to determine the dimensions; if insufficient data is
provided, further 1024-byte chunks are read until PIL is able to
return a definite answer.
While this works well for image formats which st
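The read loop described in the announcement above, as an added example that is neither Django's code nor part of this record: a stand-in parser mimics PIL needing the whole file before it can report a size (a TIFF whose directory sits at the end of the file behaves this way), and the constant 1024-byte chunking named in the advisory is contrasted with a chunk size that doubles on each retry, which is the strategy Django 1.3.2 and 1.4.1 adopted as the fix. `LateHeaderParser`, `compare` and the file sizes are constructed for the example.

```python
# Added example, not Django's code: simulates get_image_dimensions()'s read
# loop to show why a constant chunk size made CVE-2012-3444 a DoS and why a
# doubling chunk size bounds the number of read/parse rounds.
import io

CHUNK = 1024  # the constant chunk size named in the advisory


class LateHeaderParser:
    """Constructed stand-in for PIL's ImageFile.Parser: only reports a size
    once it has seen the whole file, like a TIFF whose IFD is at the end."""

    def __init__(self, total_len):
        self.total_len = total_len
        self.seen = 0
        self.image_size = None

    def feed(self, data):
        self.seen += len(data)
        if self.seen >= self.total_len:
            self.image_size = (640, 480)  # constructed answer


def dimensions_constant_chunks(fobj, total_len):
    """Vulnerable strategy: every retry reads another fixed 1024 bytes,
    so a large file costs one read+parse round per kilobyte."""
    p, reads = LateHeaderParser(total_len), 0
    while True:
        data = fobj.read(CHUNK)
        reads += 1
        if not data:
            return None, reads
        p.feed(data)
        if p.image_size:
            return p.image_size, reads


def dimensions_doubling_chunks(fobj, total_len):
    """Fixed strategy: the chunk doubles each retry, so rounds grow
    logarithmically with file size instead of linearly."""
    p, reads, chunk = LateHeaderParser(total_len), 0, CHUNK
    while True:
        data = fobj.read(chunk)
        reads += 1
        if not data:
            return None, reads
        p.feed(data)
        if p.image_size:
            return p.image_size, reads
        chunk *= 2


def compare(total_len):
    """Return (rounds with constant chunks, rounds with doubling chunks)."""
    blob = b"\x00" * total_len  # constructed stand-in for a large image file
    _, n_const = dimensions_constant_chunks(io.BytesIO(blob), total_len)
    _, n_dbl = dimensions_doubling_chunks(io.BytesIO(blob), total_len)
    return n_const, n_dbl
```

For a 1 MiB file the constant strategy needs 1024 rounds while the doubling strategy needs 11, and the gap widens linearly with file size.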
References
http://www.debian.org/security/2012/dsa-2529
http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
http://www.openwall.com/lists/oss-security/2012/07/31/1
http://www.openwall.com/lists/oss-security/2012/07/31/2
http://www.ubuntu.com/usn/USN-1560-1
https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
Published: 2012-07-31