CVE-2011-2939 : Detail

CVE-2011-2939

2.67%V3
Network
2012-01-13
17h00 +00:00
2012-02-17
09h00 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-189 Category : Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Metrics

Metrics Score Severity CVSS Vector Source
V2 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Dan_kogai>>Encode_module >> Version To (including) 2.43

Dan_kogai>>Encode_module >> Version 0.93

Dan_kogai>>Encode_module >> Version 0.94

Dan_kogai>>Encode_module >> Version 0.95

Dan_kogai>>Encode_module >> Version 0.96

Dan_kogai>>Encode_module >> Version 0.97

Dan_kogai>>Encode_module >> Version 0.98

Dan_kogai>>Encode_module >> Version 0.99

Dan_kogai>>Encode_module >> Version 1.00

Dan_kogai>>Encode_module >> Version 1.01

Dan_kogai>>Encode_module >> Version 1.10

Dan_kogai>>Encode_module >> Version 1.11

Dan_kogai>>Encode_module >> Version 1.20

Dan_kogai>>Encode_module >> Version 1.21

Dan_kogai>>Encode_module >> Version 1.25

Dan_kogai>>Encode_module >> Version 1.26

Dan_kogai>>Encode_module >> Version 1.28

Dan_kogai>>Encode_module >> Version 1.30

Dan_kogai>>Encode_module >> Version 1.31

Dan_kogai>>Encode_module >> Version 1.32

Dan_kogai>>Encode_module >> Version 1.33

Dan_kogai>>Encode_module >> Version 1.34

Dan_kogai>>Encode_module >> Version 1.40

Dan_kogai>>Encode_module >> Version 1.41

Dan_kogai>>Encode_module >> Version 1.42

Dan_kogai>>Encode_module >> Version 1.50

Dan_kogai>>Encode_module >> Version 1.51

Dan_kogai>>Encode_module >> Version 1.52

Dan_kogai>>Encode_module >> Version 1.53

Dan_kogai>>Encode_module >> Version 1.54

Dan_kogai>>Encode_module >> Version 1.55

Dan_kogai>>Encode_module >> Version 1.56

Dan_kogai>>Encode_module >> Version 1.57

Dan_kogai>>Encode_module >> Version 1.58

Dan_kogai>>Encode_module >> Version 1.59

Dan_kogai>>Encode_module >> Version 1.60

Dan_kogai>>Encode_module >> Version 1.61

Dan_kogai>>Encode_module >> Version 1.62

Dan_kogai>>Encode_module >> Version 1.63

Dan_kogai>>Encode_module >> Version 1.64

Dan_kogai>>Encode_module >> Version 1.65

Dan_kogai>>Encode_module >> Version 1.66

Dan_kogai>>Encode_module >> Version 1.67

Dan_kogai>>Encode_module >> Version 1.68

Dan_kogai>>Encode_module >> Version 1.69

Dan_kogai>>Encode_module >> Version 1.70

Dan_kogai>>Encode_module >> Version 1.71

Dan_kogai>>Encode_module >> Version 1.72

Dan_kogai>>Encode_module >> Version 1.73

Dan_kogai>>Encode_module >> Version 1.74

Dan_kogai>>Encode_module >> Version 1.75

Dan_kogai>>Encode_module >> Version 1.76

Dan_kogai>>Encode_module >> Version 1.77

Dan_kogai>>Encode_module >> Version 1.78

Dan_kogai>>Encode_module >> Version 1.79

Dan_kogai>>Encode_module >> Version 1.80

Dan_kogai>>Encode_module >> Version 1.81

Dan_kogai>>Encode_module >> Version 1.82

Dan_kogai>>Encode_module >> Version 1.83

Dan_kogai>>Encode_module >> Version 1.84

Dan_kogai>>Encode_module >> Version 1.85

Dan_kogai>>Encode_module >> Version 1.86

Dan_kogai>>Encode_module >> Version 1.87

Dan_kogai>>Encode_module >> Version 1.88

Dan_kogai>>Encode_module >> Version 1.89

Dan_kogai>>Encode_module >> Version 1.90

Dan_kogai>>Encode_module >> Version 1.91

Dan_kogai>>Encode_module >> Version 1.92

Dan_kogai>>Encode_module >> Version 1.93

Dan_kogai>>Encode_module >> Version 1.94

Dan_kogai>>Encode_module >> Version 1.95

Dan_kogai>>Encode_module >> Version 1.96

Dan_kogai>>Encode_module >> Version 1.97

Dan_kogai>>Encode_module >> Version 1.98

Dan_kogai>>Encode_module >> Version 1.99

Dan_kogai>>Encode_module >> Version 2.0

Dan_kogai>>Encode_module >> Version 2.01

Dan_kogai>>Encode_module >> Version 2.02

Dan_kogai>>Encode_module >> Version 2.03

Dan_kogai>>Encode_module >> Version 2.04

Dan_kogai>>Encode_module >> Version 2.05

Dan_kogai>>Encode_module >> Version 2.06

Dan_kogai>>Encode_module >> Version 2.07

Dan_kogai>>Encode_module >> Version 2.08

Dan_kogai>>Encode_module >> Version 2.09

Dan_kogai>>Encode_module >> Version 2.10

Dan_kogai>>Encode_module >> Version 2.11

Dan_kogai>>Encode_module >> Version 2.12

Dan_kogai>>Encode_module >> Version 2.13

Dan_kogai>>Encode_module >> Version 2.14

Dan_kogai>>Encode_module >> Version 2.15

Dan_kogai>>Encode_module >> Version 2.16

Dan_kogai>>Encode_module >> Version 2.17

Dan_kogai>>Encode_module >> Version 2.18

Dan_kogai>>Encode_module >> Version 2.19

Dan_kogai>>Encode_module >> Version 2.20

Dan_kogai>>Encode_module >> Version 2.21

Dan_kogai>>Encode_module >> Version 2.22

Dan_kogai>>Encode_module >> Version 2.23

Dan_kogai>>Encode_module >> Version 2.24

Dan_kogai>>Encode_module >> Version 2.25

Dan_kogai>>Encode_module >> Version 2.26

Dan_kogai>>Encode_module >> Version 2.27

Dan_kogai>>Encode_module >> Version 2.28

Dan_kogai>>Encode_module >> Version 2.29

Dan_kogai>>Encode_module >> Version 2.30

Dan_kogai>>Encode_module >> Version 2.31

Dan_kogai>>Encode_module >> Version 2.32

Dan_kogai>>Encode_module >> Version 2.33

Dan_kogai>>Encode_module >> Version 2.34

Dan_kogai>>Encode_module >> Version 2.35

Dan_kogai>>Encode_module >> Version 2.36

Dan_kogai>>Encode_module >> Version 2.37

Dan_kogai>>Encode_module >> Version 2.38

Dan_kogai>>Encode_module >> Version 2.39

Dan_kogai>>Encode_module >> Version 2.40

Dan_kogai>>Encode_module >> Version 2.41

Dan_kogai>>Encode_module >> Version 2.42

Perl>>Perl >> Version To (including) 5.14.2

Perl>>Perl >> Version 5.8.1

Perl>>Perl >> Version 5.8.2

Perl>>Perl >> Version 5.8.3

Perl>>Perl >> Version 5.8.4

Perl>>Perl >> Version 5.8.5

Perl>>Perl >> Version 5.8.6

Perl>>Perl >> Version 5.8.7

Perl>>Perl >> Version 5.8.8

Perl>>Perl >> Version 5.8.9

Perl>>Perl >> Version 5.8.10

Perl>>Perl >> Version 5.9.2

Perl>>Perl >> Version 5.10

Perl>>Perl >> Version 5.10.0

Perl>>Perl >> Version 5.10.0

Perl>>Perl >> Version 5.10.0

Perl>>Perl >> Version 5.10.1

Perl>>Perl >> Version 5.10.1

Perl>>Perl >> Version 5.10.1

Perl>>Perl >> Version 5.11.0

Perl>>Perl >> Version 5.11.1

Perl>>Perl >> Version 5.11.2

Perl>>Perl >> Version 5.11.3

Perl>>Perl >> Version 5.11.4

Perl>>Perl >> Version 5.11.5

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.0

Perl>>Perl >> Version 5.12.1

Perl>>Perl >> Version 5.12.1

Perl>>Perl >> Version 5.12.1

Perl>>Perl >> Version 5.12.2

Perl>>Perl >> Version 5.12.2

Perl>>Perl >> Version 5.12.3

Perl>>Perl >> Version 5.12.3

Perl>>Perl >> Version 5.12.3

Perl>>Perl >> Version 5.12.3

Perl>>Perl >> Version 5.13.0

Perl>>Perl >> Version 5.13.1

Perl>>Perl >> Version 5.13.2

Perl>>Perl >> Version 5.13.3

Perl>>Perl >> Version 5.13.4

Perl>>Perl >> Version 5.13.5

Perl>>Perl >> Version 5.13.6

Perl>>Perl >> Version 5.13.7

Perl>>Perl >> Version 5.13.8

Perl>>Perl >> Version 5.13.9

Perl>>Perl >> Version 5.13.10

Perl>>Perl >> Version 5.13.11

Perl>>Perl >> Version 5.14.0

Perl>>Perl >> Version 5.14.0

Perl>>Perl >> Version 5.14.0

Perl>>Perl >> Version 5.14.0

Perl>>Perl >> Version 5.14.1

References

http://secunia.com/advisories/46989
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/55314
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1643-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/49858
Tags : vdb-entry, x_refsource_BID
http://www.openwall.com/lists/oss-security/2011/08/18/8
Tags : mailing-list, x_refsource_MLIST
http://secunia.com/advisories/46172
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2012:008
Tags : vendor-advisory, x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2011-1424.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2011/08/19/17
Tags : mailing-list, x_refsource_MLIST
http://secunia.com/advisories/51457
Tags : third-party-advisory, x_refsource_SECUNIA