ID CVE-2005-3962
Summary Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
References
Vulnerable Configurations
  • cpe:2.3:a:perl:perl:5.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.9.2:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 19-10-2018 - 15:39)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:06:59.152-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
    family unix
    id oval:org.mitre.oval:def:10598
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
    version 23
  • accepted 2006-05-03T10:06:00.000-04:00
    class vulnerability
    contributors
    name Robert L. Hollis
    organization ThreatGuard, Inc.
    description Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
    family unix
    id oval:org.mitre.oval:def:1074
    status accepted
    submitted 2006-03-02T02:05:00.000-04:00
    title Perl Format String Integer Overflow Vulnerability
    version 32
redhat via4
advisories
  • rhsa
    id RHSA-2005:880
  • rhsa
    id RHSA-2005:881
refmap via4
apple APPLE-SA-2006-11-28
bid 15629
bugtraq 20051201 Perl format string integer wrap vulnerability
cert TA06-333A
cert-vn VU#948385
conectiva CLSA-2006:1056
confirm
debian DSA-943
fedora FLSA-2006:176731
fulldisc 20051201 Perl format string integer wrap vulnerability
gentoo GLSA-200512-01
hp
  • HPSBTU02125
  • SSRT061105
mandrake MDKSA-2005:225
misc http://www.dyadsecurity.com/perl-0002.html
openbsd [3.7] 20060105 007: SECURITY FIX: January 5, 2006
openpkg OpenPKG-SA-2005.025
osvdb
  • 21345
  • 22255
secunia
  • 17762
  • 17802
  • 17844
  • 17941
  • 17952
  • 17993
  • 18075
  • 18183
  • 18187
  • 18295
  • 18413
  • 18517
  • 19041
  • 20894
  • 23155
  • 31208
sgi 20060101-01-U
sunalert 102192
suse
  • SUSE-SA:2005:071
  • SUSE-SR:2005:029
trustix TSLSA-2005-0070
ubuntu USN-222-1
vupen
  • ADV-2005-2688
  • ADV-2006-0771
  • ADV-2006-2613
  • ADV-2006-4750
Last major update 19-10-2018 - 15:39
Published 01-12-2005 - 17:03
Back to Top