CVE-2005-3962 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-3962 Interim 1 6 2022-10-15T18:34:07Z current 2021-05-30T12:34:23Z 2022-10-15T18:34:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-3962 Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2005-12/msg00015.html E-Mail link for SUSE-SA:2005:071 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed perl-32bit-5.34.0-1.1 perl-5.34.0-1.1 perl-base-32bit-5.34.0-1.1 perl-base-5.34.0-1.1 perl-doc-5.34.0-1.1 perl-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-32bit-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-base-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-base-32bit-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-doc-5.34.0-1.1 as a component of openSUSE Tumbleweed Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. CVE-2005-3962 openSUSE Tumbleweed:perl-5.34.0-1.1 openSUSE Tumbleweed:perl-32bit-5.34.0-1.1 openSUSE Tumbleweed:perl-base-5.34.0-1.1 openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1 openSUSE Tumbleweed:perl-doc-5.34.0-1.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P