CVE-2011-2939

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.

Published: Jan 13, 2012
Updated: Apr 13, 2023
CVE: CVE-2011-2939
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
perl / perl	5.14.1	5.14.1.x
dan_kogai / encode_module	1.65	1.65.x
dan_kogai / encode_module	1.56	1.56.x
dan_kogai / encode_module	2.19	2.19.x
dan_kogai / encode_module	2.08	2.08.x
dan_kogai / encode_module	-	2.43.x
dan_kogai / encode_module	1.74	1.74.x
dan_kogai / encode_module	2.20	2.20.x
dan_kogai / encode_module	0.96	0.96.x
perl / perl	5.8.4	5.8.4.x
perl / perl	5.12.0-rc1	5.12.0-rc1.x
dan_kogai / encode_module	2.17	2.17.x
dan_kogai / encode_module	1.77	1.77.x
perl / perl	5.13.10	5.13.10.x
dan_kogai / encode_module	1.97	1.97.x
dan_kogai / encode_module	2.13	2.13.x
perl / perl	5.12.0-rc4	5.12.0-rc4.x
dan_kogai / encode_module	1.95	1.95.x
dan_kogai / encode_module	1.85	1.85.x
perl / perl	5.8.1	5.8.1.x
dan_kogai / encode_module	1.54	1.54.x
dan_kogai / encode_module	2.35	2.35.x
perl / perl	5.8.9	5.8.9.x
dan_kogai / encode_module	2.16	2.16.x
dan_kogai / encode_module	1.81	1.81.x
dan_kogai / encode_module	1.11	1.11.x
dan_kogai / encode_module	1.30	1.30.x
dan_kogai / encode_module	2.22	2.22.x
dan_kogai / encode_module	1.98	1.98.x
dan_kogai / encode_module	2.07	2.07.x
dan_kogai / encode_module	2.10	2.10.x
dan_kogai / encode_module	2.23	2.23.x
dan_kogai / encode_module	2.05	2.05.x
dan_kogai / encode_module	0.93	0.93.x
perl / perl	5.12.0-rc3	5.12.0-rc3.x
dan_kogai / encode_module	1.31	1.31.x
dan_kogai / encode_module	2.0	2.0.x
perl / perl	5.12.1-rc1	5.12.1-rc1.x
perl / perl	5.13.8	5.13.8.x
dan_kogai / encode_module	1.88	1.88.x
dan_kogai / encode_module	2.25	2.25.x
dan_kogai / encode_module	0.99	0.99.x
dan_kogai / encode_module	2.03	2.03.x
dan_kogai / encode_module	1.96	1.96.x
dan_kogai / encode_module	1.75	1.75.x
perl / perl	5.11.2	5.11.2.x
perl / perl	5.13.0	5.13.0.x
dan_kogai / encode_module	1.58	1.58.x
dan_kogai / encode_module	2.06	2.06.x
perl / perl	-	5.14.2.x
dan_kogai / encode_module	0.94	0.94.x
dan_kogai / encode_module	1.32	1.32.x
dan_kogai / encode_module	1.90	1.90.x
dan_kogai / encode_module	1.28	1.28.x
perl / perl	5.14.0-rc2	5.14.0-rc2.x
perl / perl	5.12.3-rc3	5.12.3-rc3.x
perl / perl	5.13.5	5.13.5.x
perl / perl	5.13.3	5.13.3.x
perl / perl	5.9.2	5.9.2.x
dan_kogai / encode_module	1.66	1.66.x
perl / perl	5.13.6	5.13.6.x
dan_kogai / encode_module	2.37	2.37.x
dan_kogai / encode_module	0.98	0.98.x
perl / perl	5.10.0-rc2	5.10.0-rc2.x
perl / perl	5.13.11	5.13.11.x
perl / perl	5.8.2	5.8.2.x
perl / perl	5.8.10	5.8.10.x
dan_kogai / encode_module	1.68	1.68.x
perl / perl	5.11.1	5.11.1.x
dan_kogai / encode_module	2.28	2.28.x
perl / perl	5.8.5	5.8.5.x
perl / perl	5.13.7	5.13.7.x
dan_kogai / encode_module	1.64	1.64.x
dan_kogai / encode_module	1.51	1.51.x
perl / perl	5.10	5.10.x
perl / perl	5.13.1	5.13.1.x
perl / perl	5.10.1	5.10.1.x
dan_kogai / encode_module	2.32	2.32.x
perl / perl	5.12.3	5.12.3.x
perl / perl	5.12.1-rc2	5.12.1-rc2.x
dan_kogai / encode_module	1.91	1.91.x
perl / perl	5.12.0-rc2	5.12.0-rc2.x
dan_kogai / encode_module	1.83	1.83.x
perl / perl	5.14.0	5.14.0.x
dan_kogai / encode_module	1.82	1.82.x
dan_kogai / encode_module	1.59	1.59.x
perl / perl	5.12.0	5.12.0.x
dan_kogai / encode_module	2.42	2.42.x
dan_kogai / encode_module	1.42	1.42.x
dan_kogai / encode_module	1.41	1.41.x
dan_kogai / encode_module	1.86	1.86.x
perl / perl	5.12.3-rc1	5.12.3-rc1.x
dan_kogai / encode_module	2.14	2.14.x
dan_kogai / encode_module	1.34	1.34.x
dan_kogai / encode_module	1.26	1.26.x
perl / perl	5.11.5	5.11.5.x
dan_kogai / encode_module	2.29	2.29.x
dan_kogai / encode_module	1.01	1.01.x
dan_kogai / encode_module	1.60	1.60.x
dan_kogai / encode_module	1.52	1.52.x
dan_kogai / encode_module	2.02	2.02.x
dan_kogai / encode_module	2.40	2.40.x
dan_kogai / encode_module	2.34	2.34.x
dan_kogai / encode_module	2.24	2.24.x
dan_kogai / encode_module	1.53	1.53.x
perl / perl	5.11.0	5.11.0.x
dan_kogai / encode_module	1.21	1.21.x
dan_kogai / encode_module	1.99	1.99.x
dan_kogai / encode_module	2.38	2.38.x
dan_kogai / encode_module	2.01	2.01.x
dan_kogai / encode_module	2.36	2.36.x
dan_kogai / encode_module	2.41	2.41.x
dan_kogai / encode_module	0.95	0.95.x
perl / perl	5.12.2	5.12.2.x
dan_kogai / encode_module	2.18	2.18.x
dan_kogai / encode_module	1.71	1.71.x
dan_kogai / encode_module	1.94	1.94.x
dan_kogai / encode_module	1.72	1.72.x
dan_kogai / encode_module	1.63	1.63.x
dan_kogai / encode_module	1.55	1.55.x
dan_kogai / encode_module	1.69	1.69.x
perl / perl	5.8.7	5.8.7.x
dan_kogai / encode_module	1.78	1.78.x
dan_kogai / encode_module	2.39	2.39.x
dan_kogai / encode_module	1.10	1.10.x
perl / perl	5.14.0-rc1	5.14.0-rc1.x
dan_kogai / encode_module	1.00	1.00.x
perl / perl	5.11.3	5.11.3.x
perl / perl	5.13.4	5.13.4.x
perl / perl	5.14.0-rc3	5.14.0-rc3.x
dan_kogai / encode_module	1.89	1.89.x
dan_kogai / encode_module	2.11	2.11.x
perl / perl	5.10.1-rc1	5.10.1-rc1.x
dan_kogai / encode_module	1.80	1.80.x
dan_kogai / encode_module	2.04	2.04.x
dan_kogai / encode_module	1.73	1.73.x
dan_kogai / encode_module	2.15	2.15.x
perl / perl	5.11.4	5.11.4.x
dan_kogai / encode_module	1.40	1.40.x
dan_kogai / encode_module	2.21	2.21.x
dan_kogai / encode_module	1.79	1.79.x
dan_kogai / encode_module	1.50	1.50.x
dan_kogai / encode_module	2.12	2.12.x
perl / perl	5.13.9	5.13.9.x
dan_kogai / encode_module	1.92	1.92.x
dan_kogai / encode_module	1.25	1.25.x
dan_kogai / encode_module	0.97	0.97.x
dan_kogai / encode_module	1.62	1.62.x
dan_kogai / encode_module	2.27	2.27.x
perl / perl	5.12.3-rc2	5.12.3-rc2.x
dan_kogai / encode_module	1.61	1.61.x
dan_kogai / encode_module	2.09	2.09.x
perl / perl	5.12.2-rc1	5.12.2-rc1.x
perl / perl	5.12.0-rc0	5.12.0-rc0.x
dan_kogai / encode_module	1.84	1.84.x
perl / perl	5.8.3	5.8.3.x
dan_kogai / encode_module	2.33	2.33.x
dan_kogai / encode_module	1.33	1.33.x
perl / perl	5.12.0-rc5	5.12.0-rc5.x
dan_kogai / encode_module	1.87	1.87.x
dan_kogai / encode_module	2.26	2.26.x
perl / perl	5.8.6	5.8.6.x
dan_kogai / encode_module	2.30	2.30.x
dan_kogai / encode_module	1.57	1.57.x
dan_kogai / encode_module	1.20	1.20.x
perl / perl	5.10.0	5.10.0.x
perl / perl	5.8.8	5.8.8.x
dan_kogai / encode_module	1.70	1.70.x
dan_kogai / encode_module	1.76	1.76.x
perl / perl	5.13.2	5.13.2.x
dan_kogai / encode_module	1.67	1.67.x
perl / perl	5.10.0-rc1	5.10.0-rc1.x
dan_kogai / encode_module	2.31	2.31.x
dan_kogai / encode_module	1.93	1.93.x
perl / perl	5.12.1	5.12.1.x
perl / perl	5.10.1-rc2	5.10.1-rc2.x

Vulnerability Database

289,697

CVE-2011-2939