CVE-2011-1027
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-1027
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, as demonstrated by a %gg sequence.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Lars_Hjemli cgit convert_query_hexchar函数无限循环拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
cgit 0.8.3.5之前版本的cgit.cgi的html.c中的convert_query_hexchar函数中存在off-by-one错误漏洞。远程攻击者可以借助由无效16进制字符之后的%字符组成的字符串,导致拒绝服务(无限循环)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-1027
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-1027
Please Login to view more intelligence information
- https://bugzilla.redhat.com/show_bug.cgi?id=680905x_refsource_CONFIRM
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055898.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055966.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055896.htmlvendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2011-1027
Same Patch Batch · n/a · 2011-03-20 · 15 CVEs total
| CVE-2011-0284 | MIT Kerberos KDC 'do_as_req.c'双重释放内存破坏漏洞 | |
| CVE-2011-0421 | PHP Zip扩展_zip_name_locate函数拒绝服务漏洞 | |
| CVE-2011-0708 | PHP Exif扩展exif.c拒绝服务漏洞 | |
| CVE-2011-1024 | OpenLDAP back-ldap chain.c外部程序认证绕过漏洞 | |
| CVE-2011-1025 | OpenLDAP back-ndb bind.cpp访问限制绕过漏洞 | |
| CVE-2011-1081 | OpenLDAP slapd modrdn.c拒绝服务漏洞 | |
| CVE-2011-1464 | PHP strval函数缓冲区溢出漏洞 | |
| CVE-2011-1465 | Google Chrome net/http/http_network_transaction.cc SPDY实现拒绝服务漏洞 | |
| CVE-2011-1466 | PHP Calendar SdnToJulian函数整数溢出漏洞 | |
| CVE-2011-1467 | PHP Intl扩展NumberFormatter::setSymbol函数拒绝服务漏洞 | |
| CVE-2011-1468 | PHP OpenSSL扩展多个内存泄露漏洞 | |
| CVE-2011-1469 | PHP Streams组件拒绝服务漏洞 | |
| CVE-2011-1470 | PHP Zip扩展拒绝服务漏洞 | |
| CVE-2011-1471 | PHP Zip扩展zip_stream.c整数符号错误漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2011-1027
No comments yet