4.6

CVE-2005-3962

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PerlPerl Version5.8.6
PerlPerl Version5.9.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.37% 0.684
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://secunia.com/advisories/18517
Vendor Advisory
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
http://secunia.com/advisories/18075
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-881.html
Vendor Advisory
http://www.trustix.org/errata/2005/0070
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch
http://docs.info.apple.com/article.html?artnum=304829
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://marc.info/?l=full-disclosure&m=113342788118630&w=2
http://secunia.com/advisories/17762
Vendor Advisory
http://secunia.com/advisories/17802
Vendor Advisory
http://secunia.com/advisories/17844
Vendor Advisory
http://secunia.com/advisories/17941
Vendor Advisory
http://secunia.com/advisories/17952
Vendor Advisory
http://secunia.com/advisories/17993
Vendor Advisory
http://secunia.com/advisories/18183
Vendor Advisory
http://secunia.com/advisories/18187
Vendor Advisory
http://secunia.com/advisories/18295
Vendor Advisory
http://secunia.com/advisories/18413
Vendor Advisory
http://secunia.com/advisories/19041
Vendor Advisory
http://secunia.com/advisories/20894
Vendor Advisory
http://secunia.com/advisories/23155
Vendor Advisory
http://secunia.com/advisories/31208
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1
http://www.debian.org/security/2006/dsa-943
http://www.dyadsecurity.com/perl-0002.html
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml
http://www.ipcop.org/index.php?name=News&file=article&sid=41
http://www.kb.cert.org/vuls/id/948385
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:225
http://www.novell.com/linux/security/advisories/2005_29_sr.html
http://www.novell.com/linux/security/advisories/2005_71_perl.html
http://www.openbsd.org/errata37.html#perl
http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html
http://www.osvdb.org/21345
http://www.osvdb.org/22255
http://www.redhat.com/support/errata/RHSA-2005-880.html
Vendor Advisory
http://www.securityfocus.com/archive/1/418333/100/0/threaded
http://www.securityfocus.com/archive/1/438726/100/0/threaded
http://www.securityfocus.com/bid/15629
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
US Government Resource
http://www.vupen.com/english/advisories/2005/2688
http://www.vupen.com/english/advisories/2006/0771
http://www.vupen.com/english/advisories/2006/2613
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4750
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074
https://usn.ubuntu.com/222-1/
https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html