CVE-2005-3962 Information
Description
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
Reference
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
http://docs.info.apple.com/article.html?artnum=304829
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://marc.info/?l=full-disclosure&m=113342788118630&w=2
http://secunia.com/advisories/17762
http://secunia.com/advisories/17802
http://secunia.com/advisories/17844
http://secunia.com/advisories/17941
http://secunia.com/advisories/17952
http://secunia.com/advisories/17993
http://secunia.com/advisories/18075
http://secunia.com/advisories/18183
http://secunia.com/advisories/18187
http://secunia.com/advisories/18295
http://secunia.com/advisories/18413
http://secunia.com/advisories/18517
http://secunia.com/advisories/19041
http://secunia.com/advisories/20894
http://secunia.com/advisories/23155
http://secunia.com/advisories/31208
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.debian.org/security/2006/dsa-943
http://www.dyadsecurity.com/perl-0002.html
http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml
http://www.ipcop.org/index.php?name=News&file=article&sid=41
http://www.kb.cert.org/vuls/id/948385
http://www.mandriva.com/security/advisories?name=MDKSA-2005:225
http://www.novell.com/linux/security/advisories/2005_29_sr.html
http://www.novell.com/linux/security/advisories/2005_71_perl.html
http://www.openbsd.org/errata37.htmlperl
http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html
http://www.osvdb.org/21345
http://www.osvdb.org/22255
http://www.redhat.com/support/errata/RHSA-2005-880.html
http://www.redhat.com/support/errata/RHSA-2005-881.html
http://www.securityfocus.com/archive/1/418333/100/0/threaded
http://www.securityfocus.com/archive/1/438726/100/0/threaded
http://www.securityfocus.com/bid/15629
http://www.trustix.org/errata/2005/0070
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
http://www.vupen.com/english/advisories/2005/2688
http://www.vupen.com/english/advisories/2006/0771
http://www.vupen.com/english/advisories/2006/2613
http://www.vupen.com/english/advisories/2006/4750
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10598
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1074
https://usn.ubuntu.com/222-1/
https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html