Showing 1 - 4 of 4

CVE-2005-3962

Status Candidate

Overview

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

Related Files

HP Security Bulletin 2006-11.5: Posted Jul 2, 2006; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - Potential security vulnerabilities have been identified in Perl 5.8.2 and earlier running on HP Tru64 UNIX. These vulnerabilities could be exploited by a local user to execute unauthorized code.; tags | advisory, local, perl, vulnerability; systems | unix; advisories | CVE-2005-3962; SHA-256 | d23a8ee6f8d087198ee77c28904792640cf69c9be7a9730cfe5d3211938739c9; Download | Favorite | View

Debian Linux Security Advisory 943-1: Posted Jan 22, 2006; Authored by Debian | Site debian.org; Debian Security Advisory DSA 943-1 - Jack Louis discovered an integer overflow in Perl, Larry Wall's Practical Extraction and Report Language, that allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via specially crafted content that is passed to vulnerable format strings of third party software.; tags | advisory, overflow, arbitrary, perl; systems | linux, debian; advisories | CVE-2005-3962; SHA-256 | 418585b662fa3f0b96fc83f0a0222571bfad3e5b4be53af7f5c8f8187924280a; Download | Favorite | View

Trustix Secure Linux Security Advisory 2005.70: Posted Dec 14, 2005; Authored by Trustix | Site http.trustix.org; Trustix Secure Linux Security Advisory #2005-0070 - Multiple kernel vulnerabilities and a perl vulnerability have been addressed in this advisory.; tags | advisory, kernel, perl, vulnerability; systems | linux; advisories | CVE-2005-3807, CVE-2005-3784, CVE-2005-3857, CVE-2005-3962; SHA-256 | 9fb8586d1071b91a0ddf0e2fd5bab8c2f75ccfb7324332719c2e70603832cd40; Download | Favorite | View

Ubuntu Security Notice 222-1: Posted Dec 3, 2005; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-222-1 - Jack Louis of Dyad Security discovered that Perl did not sufficiently check the explicit length argument in format strings. Specially crafted format strings with overly large length arguments led to a crash of the Perl interpreter or even to execution of arbitrary attacker-defined code with the privileges of the user running the Perl program.; tags | advisory, arbitrary, perl; systems | linux, ubuntu; advisories | CVE-2005-3962; SHA-256 | bfe55a56e657241ef7dc2839ec85a1d525daa274af5d85c1db814fa6967a6512; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 305 files
Ubuntu 67 files
Debian 23 files
Gentoo 8 files
LiquidWorm 6 files
Apple 5 files
Google Security Research 5 files
Spencer McIntyre 3 files
Ivan Fratric 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2005-3962

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems