VDB
CVE-2005-3962
CVE-2005-3962
PUBLISHED
Reported by redhat · Published December 1, 2005
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Dec 1, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- ADV-2006-4750 vdb-entryx_refsource_VUPEN
- oval:org.mitre.oval:def:1074 vdb-entrysignaturex_refsource_OVAL
- VU#948385 third-party-advisoryx_refsource_CERT-VN
- 22255 vdb-entryx_refsource_OSVDB
- 17941 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- 20051201 Perl format string integer wrap vulnerability mailing-listx_refsource_BUGTRAQ
- HPSBTU02125 vendor-advisoryx_refsource_HP
- 20051201 Perl format string integer wrap vulnerability mailing-listx_refsource_FULLDISC
- ADV-2005-2688 vdb-entryx_refsource_VUPEN
- x_refsource_MISC
- 21345 vdb-entryx_refsource_OSVDB
- 15629 vdb-entryx_refsource_BID
- RHSA-2005:881 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- oval:org.mitre.oval:def:10598 vdb-entrysignaturex_refsource_OVAL
- DSA-943 vendor-advisoryx_refsource_DEBIAN
- [3.7] 20060105 007: SECURITY FIX: January 5, 2006 vendor-advisoryx_refsource_OPENBSD
- 17993 third-party-advisoryx_refsource_SECUNIA
- 18075 third-party-advisoryx_refsource_SECUNIA
…and 32 more