Perl suffers from an integer wrap overflow inside the explicit parameter format string functionality. Perl 5.9.2 and perl 5.8.6 have been tested and found to be vulnerable on linux, freebsd, dragonflybsd on the ia32 platform. It is assumed that a much larger range of software and platforms are also affected, as the sv.c seems to remain seemingly static over time, however this is not confirmed.
98a5e4cc8d4e001a73593d476e2797bd0bb7e8f6e5f99d6bb0d89698243d92ee