Description

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.

Remediation

References

CVE-2011-2939

Related Vulnerabilities

WordPress Plugin ArcadePress 'upload.php' Arbitrary File Upload (0.65)

MySQL CVE-2020-14891 Vulnerability (CVE-2020-14891)

MySQL CVE-2016-0606 Vulnerability (CVE-2016-0606)

WordPress Plugin WordPress Email Template Designer-WP HTML Mail Cross-Site Scripting (3.0.9)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816)

Severity

Medium

Classification

CVE-2011-2939

Tags

Missing Update Known Vulnerabilities