Search for vulnerabilities
Vulnerability details: VCID-mw4g-q6sf-aaar
Vulnerability ID VCID-mw4g-q6sf-aaar
Aliases CVE-2012-3444
GHSA-5h2q-4hrp-v9rr
PYSEC-2012-4
Summary The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.01111 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.0119 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02730 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02730 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02730 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
epss 0.02730 https://api.first.org/data/v1/epss?cve=CVE-2012-3444
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-5h2q-4hrp-v9rr
cvssv3.1 3.7 https://github.com/django/django
generic_textual MODERATE https://github.com/django/django
cvssv3.1 7.5 https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
generic_textual HIGH https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
cvssv3.1 7.5 https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
generic_textual HIGH https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
cvssv3.1 7.5 https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141
generic_textual HIGH https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141
cvssv3.1 7.5 https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
generic_textual HIGH https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
cvssv3.1 7.5 https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282
generic_textual HIGH https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282
cvssv3.1 7.5 https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml
generic_textual HIGH https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2012-3444
cvssv3.1 7.5 https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
generic_textual HIGH https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
cvssv3.1 7.5 http://www.debian.org/security/2012/dsa-2529
generic_textual HIGH http://www.debian.org/security/2012/dsa-2529
cvssv3.1 7.5 http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
generic_textual HIGH http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2012/07/31/1
generic_textual HIGH http://www.openwall.com/lists/oss-security/2012/07/31/1
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2012/07/31/2
generic_textual HIGH http://www.openwall.com/lists/oss-security/2012/07/31/2
cvssv3.1 7.5 http://www.ubuntu.com/usn/USN-1560-1
generic_textual HIGH http://www.ubuntu.com/usn/USN-1560-1
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2012-3444
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444
https://github.com/django/django
https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141
https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282
https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml
https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
http://www.debian.org/security/2012/dsa-2529
http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
http://www.openwall.com/lists/oss-security/2012/07/31/1
http://www.openwall.com/lists/oss-security/2012/07/31/2
http://www.ubuntu.com/usn/USN-1560-1
683364 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:0.95:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:0.95:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:0.96:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:0.96:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.0:beta2:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1:alpha1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1:beta1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.1:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2-alpha1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2-alpha1:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2:beta1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.2:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.3:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.3:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.3:beta1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4:*:*:*:*:*:*:*
CVE-2012-3444 https://nvd.nist.gov/vuln/detail/CVE-2012-3444
GHSA-5h2q-4hrp-v9rr https://github.com/advisories/GHSA-5h2q-4hrp-v9rr
USN-1560-1 https://usn.ubuntu.com/1560-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/django/django
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2012-3444
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.debian.org/security/2012/dsa-2529
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2012/07/31/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2012/07/31/2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.ubuntu.com/usn/USN-1560-1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.64988
EPSS Score 0.01111
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.