The django.forms.ImageField class in the form system in Django prior to 1.3.2 and 1.4.x prior to 1.4.1 completely decompresses image data during image validation, which allows remote malicious users to cause a denial of service (memory consumption) by uploading an image file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
djangoproject django |
||
djangoproject django 1.3 |
||
djangoproject django 1.2.6 |
||
djangoproject django 1.2.5 |
||
djangoproject django 1.1.4 |
||
djangoproject django 1.1.3 |
||
djangoproject django 1.0.1 |
||
djangoproject django 0.96 |
||
djangoproject django 1.2 |
||
djangoproject django 1.2.7 |
||
djangoproject django 1.1 |
||
djangoproject django 1.0 |
||
djangoproject django 1.0.2 |
||
djangoproject django 1.2.4 |
||
djangoproject django 1.2.2 |
||
djangoproject django 1.1.2 |
||
djangoproject django 0.95 |
||
djangoproject django 1.4 |
||
djangoproject django 1.2-alpha1 |