CVE-2011-0698

Publication date 14 February 2011

Last updated 24 July 2024


Ubuntu priority

Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
python-django 10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
8.04 LTS hardy
Not affected
6.06 LTS dapper Not in release

Notes


mdeslaur

windows-specific