Back to search
CVE-2011-2939
Published: Jan 13, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
46989
third-party-advisory
x_refsource_SECUNIA
http://cpansearch.perl.org/src/FLORA/perl-5.14.2/pod/perldelta.pod
x_refsource_CONFIRM
55314
third-party-advisory
x_refsource_SECUNIA
USN-1643-1
vendor-advisory
x_refsource_UBUNTU
49858
vdb-entry
x_refsource_BID
[oss-security] 20110818 CVE request: heap overflow in perl while decoding Unicode string
mailing-list
x_refsource_MLIST
46172
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=731246
x_refsource_CONFIRM
MDVSA-2012:008
vendor-advisory
x_refsource_MANDRIVA
RHSA-2011:1424
vendor-advisory
x_refsource_REDHAT
[oss-security] 20110819 Re: CVE request: heap overflow in perl while decoding Unicode string
mailing-list
x_refsource_MLIST
51457
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now