Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Django Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2012-3444 - Vulnerability Database
Django

Django Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2012-3444

Medium
Reference: CVE-2012-3444
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-3444
Title: Django Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Overview:

The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.