Description

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.

Remediation

References

CVE-2011-2939

Related Vulnerabilities

WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4.1)

MySQL CVE-2019-2503 Vulnerability (CVE-2019-2503)

MediaWiki Improper Input Validation Vulnerability (CVE-2017-8811)

WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)

WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8942)

Severity

Medium

Classification

CVE-2011-2939

Tags

Missing Update Known Vulnerabilities