// For flags

CVE-2005-3962

 

Severity Score

4.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-12-01 CVE Reserved
  • 2005-12-01 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-189: Numeric Errors
CAPEC
References (54)
URL Date SRC
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U 2018-10-19
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056 2018-10-19
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html 2018-10-19
http://secunia.com/advisories/17762 2018-10-19
http://secunia.com/advisories/17802 2018-10-19
http://secunia.com/advisories/17844 2018-10-19
http://secunia.com/advisories/17941 2018-10-19
http://secunia.com/advisories/17952 2018-10-19
http://secunia.com/advisories/17993 2018-10-19
http://secunia.com/advisories/18075 2018-10-19
http://secunia.com/advisories/18183 2018-10-19
http://secunia.com/advisories/18187 2018-10-19
http://secunia.com/advisories/18295 2018-10-19
http://secunia.com/advisories/18413 2018-10-19
http://secunia.com/advisories/18517 2018-10-19
http://secunia.com/advisories/19041 2018-10-19
http://secunia.com/advisories/20894 2018-10-19
http://secunia.com/advisories/23155 2018-10-19
http://secunia.com/advisories/31208 2018-10-19
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1 2018-10-19
http://www.debian.org/security/2006/dsa-943 2018-10-19
http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml 2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2005:225 2018-10-19
http://www.novell.com/linux/security/advisories/2005_29_sr.html 2018-10-19
http://www.novell.com/linux/security/advisories/2005_71_perl.html 2018-10-19
http://www.openbsd.org/errata37.html#perl 2018-10-19
http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html 2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-880.html 2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-881.html 2018-10-19
http://www.securityfocus.com/archive/1/438726/100/0/threaded 2018-10-19
http://www.trustix.org/errata/2005/0070 2018-10-19
http://www.vupen.com/english/advisories/2006/2613 2018-10-19
https://usn.ubuntu.com/222-1 2018-10-19
https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html 2018-10-19
https://access.redhat.com/security/cve/CVE-2005-3962 2005-12-20
https://bugzilla.redhat.com/show_bug.cgi?id=1617848 2005-12-20
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Perl
Search vendor "Perl"
Perl
Search vendor "Perl" for product "Perl"
5.8.6
Search vendor "Perl" for product "Perl" and version "5.8.6"
-
Affected
Perl
Search vendor "Perl"
Perl
Search vendor "Perl" for product "Perl"
5.9.2
Search vendor "Perl" for product "Perl" and version "5.9.2"
-
Affected