CVE-2005-3962

Source
https://nvd.nist.gov/vuln/detail/CVE-2005-3962
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2005-3962.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2005-3962
Related
Published
2005-12-01T17:03:00Z
Modified
2024-06-30T12:01:22Z
Summary
[none]
Details

Integer overflow in the format string functionality (Perlsvvcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

References

Affected packages

Debian:11 / perl

Package

Name
perl
Purl
pkg:deb/debian/perl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.8.7-9

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / perl

Package

Name
perl
Purl
pkg:deb/debian/perl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.8.7-9

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / perl

Package

Name
perl
Purl
pkg:deb/debian/perl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.8.7-9

Ecosystem specific

{
    "urgency": "medium"
}