DEBIAN-CVE-2005-3962

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2005-3962

Downstream

DSA-943-1

Published: 01 Dec 2005, 17:03

Last modified:28 Apr 2026, 20:08

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 Dec 2005, 17:03

Published

Vulnerability first disclosed

28 Apr 2026, 20:08

Last Modified

Vulnerability information updated

Description

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

Affected Systems

debian•perl
< 5.8.7-9 | < 5.8.7-9 | < 5.8.7-9 | < 5.8.7-9

References (1)

https://security-tracker.debian.org/tracker/CVE-2005-3962