Vulnerability details: VCID-hdq3-p43f-aaaq
Vulnerability ID VCID-hdq3-p43f-aaaq
Aliases CVE-2005-3962
Summary Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2005:880
rhas Moderate https://access.redhat.com/errata/RHSA-2005:881
epss 0.00151 https://api.first.org/data/v1/epss?cve=CVE-2005-3962
epss 0.00819 https://api.first.org/data/v1/epss?cve=CVE-2005-3962
epss 0.01015 https://api.first.org/data/v1/epss?cve=CVE-2005-3962
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1617848
cvssv2 4.6 https://nvd.nist.gov/vuln/detail/CVE-2005-3962
Reference id Reference type URL
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
http://docs.info.apple.com/article.html?artnum=304829
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://marc.info/?l=full-disclosure&m=113342788118630&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3962.json
https://api.first.org/data/v1/epss?cve=CVE-2005-3962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962
http://secunia.com/advisories/17762
http://secunia.com/advisories/17802
http://secunia.com/advisories/17844
http://secunia.com/advisories/17941
http://secunia.com/advisories/17952
http://secunia.com/advisories/17993
http://secunia.com/advisories/18075
http://secunia.com/advisories/18183
http://secunia.com/advisories/18187
http://secunia.com/advisories/18295
http://secunia.com/advisories/18413
http://secunia.com/advisories/18517
http://secunia.com/advisories/19041
http://secunia.com/advisories/20894
http://secunia.com/advisories/23155
http://secunia.com/advisories/31208
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
https://usn.ubuntu.com/222-1/
https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html
http://www.debian.org/security/2006/dsa-943
http://www.dyadsecurity.com/perl-0002.html
http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml
http://www.ipcop.org/index.php?name=News&file=article&sid=41
http://www.kb.cert.org/vuls/id/948385
http://www.mandriva.com/security/advisories?name=MDKSA-2005:225
http://www.novell.com/linux/security/advisories/2005_29_sr.html
http://www.novell.com/linux/security/advisories/2005_71_perl.html
http://www.openbsd.org/errata37.html#perl
http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html
http://www.osvdb.org/21345
http://www.osvdb.org/22255
http://www.redhat.com/support/errata/RHSA-2005-880.html
http://www.redhat.com/support/errata/RHSA-2005-881.html
http://www.securityfocus.com/archive/1/418333/100/0/threaded
http://www.securityfocus.com/archive/1/438726/100/0/threaded
http://www.securityfocus.com/bid/15629
http://www.trustix.org/errata/2005/0070
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
http://www.vupen.com/english/advisories/2005/2688
http://www.vupen.com/english/advisories/2006/0771
http://www.vupen.com/english/advisories/2006/2613
http://www.vupen.com/english/advisories/2006/4750
1617848 https://bugzilla.redhat.com/show_bug.cgi?id=1617848
341542 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341542
cpe:2.3:a:perl:perl:5.8.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:perl:perl:5.8.6:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:5.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:perl:perl:5.9.2:*:*:*:*:*:*:*
CVE-2005-3962 https://nvd.nist.gov/vuln/detail/CVE-2005-3962
GLSA-200512-01 https://security.gentoo.org/glsa/200512-01
RHSA-2005:880 https://access.redhat.com/errata/RHSA-2005:880
RHSA-2005:881 https://access.redhat.com/errata/RHSA-2005:881
USN-222-2 https://usn.ubuntu.com/222-2/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-3962
Exploit Prediction Scoring System (EPSS)
Percentile 0.52139
EPSS Score 0.00151
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.