Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2012-4520 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Django Web applications / CMS |
Vendor | Django Software Foundation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU43328
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2012-4520
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values.
MitigationInstall update from vendor's website.
Vulnerable software versionsDjango: 1.3 - 1.4.1
CPE2.3 External linkshttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691145
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090666.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090904.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090970.html
http://secunia.com/advisories/51033
http://secunia.com/advisories/51314
http://securitytracker.com/id?1027708
http://ubuntu.com/usn/usn-1632-1
http://ubuntu.com/usn/usn-1757-1
http://www.debian.org/security/2013/dsa-2634
http://www.openwall.com/lists/oss-security/2012/10/30/4
http://www.osvdb.org/86493
http://bugzilla.redhat.com/show_bug.cgi?id=865164
http://github.com/django/django/commit/92d3430f12171f16f566c9050c40feefb830a4a3
http://github.com/django/django/commit/9305c0e12d43c4df999c3301a1f0c742264a657e
http://github.com/django/django/commit/b45c377f8f488955e0c7069cad3f3dd21910b071
http://www.djangoproject.com/weblog/2012/oct/17/security/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.