CVE-2005-3962

critical

Description

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

References

https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html

https://usn.ubuntu.com/222-1/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598

http://www.vupen.com/english/advisories/2006/4750

http://www.vupen.com/english/advisories/2006/2613

http://www.vupen.com/english/advisories/2006/0771

http://www.vupen.com/english/advisories/2005/2688

http://www.us-cert.gov/cas/techalerts/TA06-333A.html

http://www.trustix.org/errata/2005/0070

http://www.securityfocus.com/bid/15629

http://www.securityfocus.com/archive/1/438726/100/0/threaded

http://www.securityfocus.com/archive/1/418333/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2005-881.html

http://www.redhat.com/support/errata/RHSA-2005-880.html

http://www.osvdb.org/22255

http://www.osvdb.org/21345

http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html

http://www.openbsd.org/errata37.html#perl

http://www.novell.com/linux/security/advisories/2005_71_perl.html

http://www.novell.com/linux/security/advisories/2005_29_sr.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:225

http://www.kb.cert.org/vuls/id/948385

http://www.ipcop.org/index.php?name=News&file=article&sid=41

http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml

http://www.dyadsecurity.com/perl-0002.html

http://www.debian.org/security/2006/dsa-943

http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1

http://secunia.com/advisories/31208

http://secunia.com/advisories/23155

http://secunia.com/advisories/20894

http://secunia.com/advisories/19041

http://secunia.com/advisories/18517

http://secunia.com/advisories/18413

http://secunia.com/advisories/18295

http://secunia.com/advisories/18187

http://secunia.com/advisories/18183

http://secunia.com/advisories/18075

http://secunia.com/advisories/17993

http://secunia.com/advisories/17952

http://secunia.com/advisories/17941

http://secunia.com/advisories/17844

http://secunia.com/advisories/17802

http://secunia.com/advisories/17762

http://marc.info/?l=full-disclosure&m=113342788118630&w=2

http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

http://docs.info.apple.com/article.html?artnum=304829

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056

Details

Source: Mitre, NVD

Published: 2005-12-01

Updated: 2018-10-19

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical