Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Encode_module | Dan_kogai | * | 2.43 (including) |
| Encode_module | Dan_kogai | 0.93 (including) | 0.93 (including) |
| Encode_module | Dan_kogai | 0.94 (including) | 0.94 (including) |
| Encode_module | Dan_kogai | 0.95 (including) | 0.95 (including) |
| Encode_module | Dan_kogai | 0.96 (including) | 0.96 (including) |
| Encode_module | Dan_kogai | 0.97 (including) | 0.97 (including) |
| Encode_module | Dan_kogai | 0.98 (including) | 0.98 (including) |
| Encode_module | Dan_kogai | 0.99 (including) | 0.99 (including) |
| Encode_module | Dan_kogai | 1.00 (including) | 1.00 (including) |
| Encode_module | Dan_kogai | 1.01 (including) | 1.01 (including) |
| Encode_module | Dan_kogai | 1.10 (including) | 1.10 (including) |
| Encode_module | Dan_kogai | 1.11 (including) | 1.11 (including) |
| Encode_module | Dan_kogai | 1.20 (including) | 1.20 (including) |
| Encode_module | Dan_kogai | 1.21 (including) | 1.21 (including) |
| Encode_module | Dan_kogai | 1.25 (including) | 1.25 (including) |
| Encode_module | Dan_kogai | 1.26 (including) | 1.26 (including) |
| Encode_module | Dan_kogai | 1.28 (including) | 1.28 (including) |
| Encode_module | Dan_kogai | 1.30 (including) | 1.30 (including) |
| Encode_module | Dan_kogai | 1.31 (including) | 1.31 (including) |
| Encode_module | Dan_kogai | 1.32 (including) | 1.32 (including) |
| Encode_module | Dan_kogai | 1.33 (including) | 1.33 (including) |
| Encode_module | Dan_kogai | 1.34 (including) | 1.34 (including) |
| Encode_module | Dan_kogai | 1.40 (including) | 1.40 (including) |
| Encode_module | Dan_kogai | 1.41 (including) | 1.41 (including) |
| Encode_module | Dan_kogai | 1.42 (including) | 1.42 (including) |
| Encode_module | Dan_kogai | 1.50 (including) | 1.50 (including) |
| Encode_module | Dan_kogai | 1.51 (including) | 1.51 (including) |
| Encode_module | Dan_kogai | 1.52 (including) | 1.52 (including) |
| Encode_module | Dan_kogai | 1.53 (including) | 1.53 (including) |
| Encode_module | Dan_kogai | 1.54 (including) | 1.54 (including) |
| Encode_module | Dan_kogai | 1.55 (including) | 1.55 (including) |
| Encode_module | Dan_kogai | 1.56 (including) | 1.56 (including) |
| Encode_module | Dan_kogai | 1.57 (including) | 1.57 (including) |
| Encode_module | Dan_kogai | 1.58 (including) | 1.58 (including) |
| Encode_module | Dan_kogai | 1.59 (including) | 1.59 (including) |
| Encode_module | Dan_kogai | 1.60 (including) | 1.60 (including) |
| Encode_module | Dan_kogai | 1.61 (including) | 1.61 (including) |
| Encode_module | Dan_kogai | 1.62 (including) | 1.62 (including) |
| Encode_module | Dan_kogai | 1.63 (including) | 1.63 (including) |
| Encode_module | Dan_kogai | 1.64 (including) | 1.64 (including) |
| Encode_module | Dan_kogai | 1.65 (including) | 1.65 (including) |
| Encode_module | Dan_kogai | 1.66 (including) | 1.66 (including) |
| Encode_module | Dan_kogai | 1.67 (including) | 1.67 (including) |
| Encode_module | Dan_kogai | 1.68 (including) | 1.68 (including) |
| Encode_module | Dan_kogai | 1.69 (including) | 1.69 (including) |
| Encode_module | Dan_kogai | 1.70 (including) | 1.70 (including) |
| Encode_module | Dan_kogai | 1.71 (including) | 1.71 (including) |
| Encode_module | Dan_kogai | 1.72 (including) | 1.72 (including) |
| Encode_module | Dan_kogai | 1.73 (including) | 1.73 (including) |
| Encode_module | Dan_kogai | 1.74 (including) | 1.74 (including) |
| Encode_module | Dan_kogai | 1.75 (including) | 1.75 (including) |
| Encode_module | Dan_kogai | 1.76 (including) | 1.76 (including) |
| Encode_module | Dan_kogai | 1.77 (including) | 1.77 (including) |
| Encode_module | Dan_kogai | 1.78 (including) | 1.78 (including) |
| Encode_module | Dan_kogai | 1.79 (including) | 1.79 (including) |
| Encode_module | Dan_kogai | 1.80 (including) | 1.80 (including) |
| Encode_module | Dan_kogai | 1.81 (including) | 1.81 (including) |
| Encode_module | Dan_kogai | 1.82 (including) | 1.82 (including) |
| Encode_module | Dan_kogai | 1.83 (including) | 1.83 (including) |
| Encode_module | Dan_kogai | 1.84 (including) | 1.84 (including) |
| Encode_module | Dan_kogai | 1.85 (including) | 1.85 (including) |
| Encode_module | Dan_kogai | 1.86 (including) | 1.86 (including) |
| Encode_module | Dan_kogai | 1.87 (including) | 1.87 (including) |
| Encode_module | Dan_kogai | 1.88 (including) | 1.88 (including) |
| Encode_module | Dan_kogai | 1.89 (including) | 1.89 (including) |
| Encode_module | Dan_kogai | 1.90 (including) | 1.90 (including) |
| Encode_module | Dan_kogai | 1.91 (including) | 1.91 (including) |
| Encode_module | Dan_kogai | 1.92 (including) | 1.92 (including) |
| Encode_module | Dan_kogai | 1.93 (including) | 1.93 (including) |
| Encode_module | Dan_kogai | 1.94 (including) | 1.94 (including) |
| Encode_module | Dan_kogai | 1.95 (including) | 1.95 (including) |
| Encode_module | Dan_kogai | 1.96 (including) | 1.96 (including) |
| Encode_module | Dan_kogai | 1.97 (including) | 1.97 (including) |
| Encode_module | Dan_kogai | 1.98 (including) | 1.98 (including) |
| Encode_module | Dan_kogai | 1.99 (including) | 1.99 (including) |
| Encode_module | Dan_kogai | 2.0 (including) | 2.0 (including) |
| Encode_module | Dan_kogai | 2.01 (including) | 2.01 (including) |
| Encode_module | Dan_kogai | 2.02 (including) | 2.02 (including) |
| Encode_module | Dan_kogai | 2.03 (including) | 2.03 (including) |
| Encode_module | Dan_kogai | 2.04 (including) | 2.04 (including) |
| Encode_module | Dan_kogai | 2.05 (including) | 2.05 (including) |
| Encode_module | Dan_kogai | 2.06 (including) | 2.06 (including) |
| Encode_module | Dan_kogai | 2.07 (including) | 2.07 (including) |
| Encode_module | Dan_kogai | 2.08 (including) | 2.08 (including) |
| Encode_module | Dan_kogai | 2.09 (including) | 2.09 (including) |
| Encode_module | Dan_kogai | 2.10 (including) | 2.10 (including) |
| Encode_module | Dan_kogai | 2.11 (including) | 2.11 (including) |
| Encode_module | Dan_kogai | 2.12 (including) | 2.12 (including) |
| Encode_module | Dan_kogai | 2.13 (including) | 2.13 (including) |
| Encode_module | Dan_kogai | 2.14 (including) | 2.14 (including) |
| Encode_module | Dan_kogai | 2.15 (including) | 2.15 (including) |
| Encode_module | Dan_kogai | 2.16 (including) | 2.16 (including) |
| Encode_module | Dan_kogai | 2.17 (including) | 2.17 (including) |
| Encode_module | Dan_kogai | 2.18 (including) | 2.18 (including) |
| Encode_module | Dan_kogai | 2.19 (including) | 2.19 (including) |
| Encode_module | Dan_kogai | 2.20 (including) | 2.20 (including) |
| Encode_module | Dan_kogai | 2.21 (including) | 2.21 (including) |
| Encode_module | Dan_kogai | 2.22 (including) | 2.22 (including) |
| Encode_module | Dan_kogai | 2.23 (including) | 2.23 (including) |
| Encode_module | Dan_kogai | 2.24 (including) | 2.24 (including) |
| Encode_module | Dan_kogai | 2.25 (including) | 2.25 (including) |
| Encode_module | Dan_kogai | 2.26 (including) | 2.26 (including) |
| Encode_module | Dan_kogai | 2.27 (including) | 2.27 (including) |
| Encode_module | Dan_kogai | 2.28 (including) | 2.28 (including) |
| Encode_module | Dan_kogai | 2.29 (including) | 2.29 (including) |
| Encode_module | Dan_kogai | 2.30 (including) | 2.30 (including) |
| Encode_module | Dan_kogai | 2.31 (including) | 2.31 (including) |
| Encode_module | Dan_kogai | 2.32 (including) | 2.32 (including) |
| Encode_module | Dan_kogai | 2.33 (including) | 2.33 (including) |
| Encode_module | Dan_kogai | 2.34 (including) | 2.34 (including) |
| Encode_module | Dan_kogai | 2.35 (including) | 2.35 (including) |
| Encode_module | Dan_kogai | 2.36 (including) | 2.36 (including) |
| Encode_module | Dan_kogai | 2.37 (including) | 2.37 (including) |
| Encode_module | Dan_kogai | 2.38 (including) | 2.38 (including) |
| Encode_module | Dan_kogai | 2.39 (including) | 2.39 (including) |
| Encode_module | Dan_kogai | 2.40 (including) | 2.40 (including) |
| Encode_module | Dan_kogai | 2.41 (including) | 2.41 (including) |
| Encode_module | Dan_kogai | 2.42 (including) | 2.42 (including) |
| Perl | Perl | * | 5.14.2 (including) |
| Perl | Perl | 5.8.1 (including) | 5.8.1 (including) |
| Perl | Perl | 5.8.2 (including) | 5.8.2 (including) |
| Perl | Perl | 5.8.3 (including) | 5.8.3 (including) |
| Perl | Perl | 5.8.4 (including) | 5.8.4 (including) |
| Perl | Perl | 5.8.5 (including) | 5.8.5 (including) |
| Perl | Perl | 5.8.6 (including) | 5.8.6 (including) |
| Perl | Perl | 5.8.7 (including) | 5.8.7 (including) |
| Perl | Perl | 5.8.8 (including) | 5.8.8 (including) |
| Perl | Perl | 5.8.9 (including) | 5.8.9 (including) |
| Perl | Perl | 5.8.10 (including) | 5.8.10 (including) |
| Perl | Perl | 5.9.2 (including) | 5.9.2 (including) |
| Perl | Perl | 5.10 (including) | 5.10 (including) |
| Perl | Perl | 5.10.0 (including) | 5.10.0 (including) |
| Perl | Perl | 5.10.0-rc1 (including) | 5.10.0-rc1 (including) |
| Perl | Perl | 5.10.0-rc2 (including) | 5.10.0-rc2 (including) |
| Perl | Perl | 5.10.1 (including) | 5.10.1 (including) |
| Perl | Perl | 5.10.1-rc1 (including) | 5.10.1-rc1 (including) |
| Perl | Perl | 5.10.1-rc2 (including) | 5.10.1-rc2 (including) |
| Perl | Perl | 5.11.0 (including) | 5.11.0 (including) |
| Perl | Perl | 5.11.1 (including) | 5.11.1 (including) |
| Perl | Perl | 5.11.2 (including) | 5.11.2 (including) |
| Perl | Perl | 5.11.3 (including) | 5.11.3 (including) |
| Perl | Perl | 5.11.4 (including) | 5.11.4 (including) |
| Perl | Perl | 5.11.5 (including) | 5.11.5 (including) |
| Perl | Perl | 5.12.0 (including) | 5.12.0 (including) |
| Perl | Perl | 5.12.0-rc0 (including) | 5.12.0-rc0 (including) |
| Perl | Perl | 5.12.0-rc1 (including) | 5.12.0-rc1 (including) |
| Perl | Perl | 5.12.0-rc2 (including) | 5.12.0-rc2 (including) |
| Perl | Perl | 5.12.0-rc3 (including) | 5.12.0-rc3 (including) |
| Perl | Perl | 5.12.0-rc4 (including) | 5.12.0-rc4 (including) |
| Perl | Perl | 5.12.0-rc5 (including) | 5.12.0-rc5 (including) |
| Perl | Perl | 5.12.1 (including) | 5.12.1 (including) |
| Perl | Perl | 5.12.1-rc1 (including) | 5.12.1-rc1 (including) |
| Perl | Perl | 5.12.1-rc2 (including) | 5.12.1-rc2 (including) |
| Perl | Perl | 5.12.2 (including) | 5.12.2 (including) |
| Perl | Perl | 5.12.2-rc1 (including) | 5.12.2-rc1 (including) |
| Perl | Perl | 5.12.3 (including) | 5.12.3 (including) |
| Perl | Perl | 5.12.3-rc1 (including) | 5.12.3-rc1 (including) |
| Perl | Perl | 5.12.3-rc2 (including) | 5.12.3-rc2 (including) |
| Perl | Perl | 5.12.3-rc3 (including) | 5.12.3-rc3 (including) |
| Perl | Perl | 5.13.0 (including) | 5.13.0 (including) |
| Perl | Perl | 5.13.1 (including) | 5.13.1 (including) |
| Perl | Perl | 5.13.2 (including) | 5.13.2 (including) |
| Perl | Perl | 5.13.3 (including) | 5.13.3 (including) |
| Perl | Perl | 5.13.4 (including) | 5.13.4 (including) |
| Perl | Perl | 5.13.5 (including) | 5.13.5 (including) |
| Perl | Perl | 5.13.6 (including) | 5.13.6 (including) |
| Perl | Perl | 5.13.7 (including) | 5.13.7 (including) |
| Perl | Perl | 5.13.8 (including) | 5.13.8 (including) |
| Perl | Perl | 5.13.9 (including) | 5.13.9 (including) |
| Perl | Perl | 5.13.10 (including) | 5.13.10 (including) |
| Perl | Perl | 5.13.11 (including) | 5.13.11 (including) |
| Perl | Perl | 5.14.0 (including) | 5.14.0 (including) |
| Perl | Perl | 5.14.0-rc1 (including) | 5.14.0-rc1 (including) |
| Perl | Perl | 5.14.0-rc2 (including) | 5.14.0-rc2 (including) |
| Perl | Perl | 5.14.0-rc3 (including) | 5.14.0-rc3 (including) |
| Perl | Perl | 5.14.1 (including) | 5.14.1 (including) |
| Red Hat Enterprise Linux 6 | RedHat | perl-4:5.10.1-119.el6_1.1 | * |
| Perl | Ubuntu | lucid | * |
| Perl | Ubuntu | maverick | * |
| Perl | Ubuntu | natty | * |
| Perl | Ubuntu | upstream | * |