CVE-2011-2939 in Perlinfo

Summary

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

07/27/2011

Disclosure

01/13/2012

Moderation

VulDB entry created

Entries

VDB-59922 (1)

CPE

ready

CWE

CWE-189 (Confirmed)

CVSS

7.3

EPSS

0.06571

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2939
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2939
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2939/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!