Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2005-3962

Date: December 1, 2005

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

Severity Score

Related Resources (55)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
https://people.canonical.com/~ubuntu-security/cve/CVE-2005-3962
http://www.trustix.org/errata/2005/0070
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://secunia.com/advisories/17952
http://www.mandriva.com/security/advisories?name=MDKSA-2005:225
http://secunia.com/advisories/17993
https://usn.ubuntu.com/222-1/
http://www.kb.cert.org/vuls/id/948385
http://www.securityfocus.com/bid/15629
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch
http://www.openbsd.org/errata37.html#perl
http://secunia.com/advisories/18295
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://www.vupen.com/english/advisories/2006/2613
http://secunia.com/advisories/23155
http://www.securityfocus.com/archive/1/438726/100/0/threaded
http://www.vupen.com/english/advisories/2006/4750
http://secunia.com/advisories/17802
http://www.osvdb.org/21345
http://secunia.com/advisories/17844
http://secunia.com/advisories/17762
http://secunia.com/advisories/18413
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074
http://secunia.com/advisories/20894
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch
http://secunia.com/advisories/18187
http://www.novell.com/linux/security/advisories/2005_29_sr.html
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html
http://secunia.com/advisories/18183
http://www.debian.org/security/2006/dsa-943
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1
http://www.dyadsecurity.com/perl-0002.html
http://docs.info.apple.com/article.html?artnum=304829
http://marc.info/?l=full-disclosure&m=113342788118630&w=2
http://www.novell.com/linux/security/advisories/2005_71_perl.html
http://www.redhat.com/support/errata/RHSA-2005-881.html
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://secunia.com/advisories/18075
http://secunia.com/advisories/31208
http://secunia.com/advisories/19041
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598
https://nvd.nist.gov/vuln/detail/CVE-2005-3962
http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml
http://www.vupen.com/english/advisories/2006/0771
http://www.securityfocus.com/archive/1/418333/100/0/threaded
http://secunia.com/advisories/18517
http://www.ipcop.org/index.php?name=News&file=article&sid=41
http://www.osvdb.org/22255
http://secunia.com/advisories/17941
http://www.vupen.com/english/advisories/2005/2688
http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html
http://www.redhat.com/support/errata/RHSA-2005-880.html
https://www.mend.io/vulnerability-database/CVE-2005-3962

Severity Score

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): LOW

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us