DescriptionInteger overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2005:071, published Tue, 20 Dec 2005 16:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA perl-32bit-5.34.0-1.1
SUSE Timeline for this CVECVE page created: Fri Jun 28 02:33:29 2013
CVE page last modified: Fri Oct 7 12:45:32 2022