The form library in Django 1.3.x prior to 1.3.6, 1.4.x prior to 1.4.4, and 1.5 before release candidate 2 allows remote malicious users to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
djangoproject django 1.3.2 |
||
djangoproject django 1.3.3 |
||
djangoproject django 1.3 |
||
djangoproject django 1.3.1 |
||
djangoproject django 1.4 |
||
djangoproject django 1.4.1 |
||
djangoproject django 1.4.2 |
||
djangoproject django 1.5 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 10.04 |