CVE-2005-3962 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-3962 Interim 1 13 2025-11-05T06:29:03Z current 2021-05-30T12:34:23Z 2025-11-05T06:29:03Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-3962 Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RW3JRMPPVZ55CEVI5UNG3Y55RFF6RKHG/#RW3JRMPPVZ55CEVI5UNG3Y55RFF6RKHG E-Mail link for SUSE-SA:2005:071 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 16.0 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 openSUSE Tumbleweed perl-32bit-5.34.0-1.1 perl-5.34.0-1.1 perl-5.38.2-1.52 perl-5.38.2-slfo.1.1_1.4 perl-5.42.0-160000.2.2 perl-base-32bit-5.34.0-1.1 perl-base-5.34.0-1.1 perl-base-5.38.2-1.52 perl-base-5.38.2-slfo.1.1_1.4 perl-base-5.42.0-160000.2.2 perl-doc-5.34.0-1.1 perl-doc-5.42.0-160000.2.2 perl-5.42.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 perl-base-5.42.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 perl-doc-5.42.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 perl-5.38.2-1.52 as a component of SUSE Linux Micro 6.0 perl-base-5.38.2-1.52 as a component of SUSE Linux Micro 6.0 perl-5.38.2-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 perl-base-5.38.2-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 perl-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-32bit-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-base-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-base-32bit-5.34.0-1.1 as a component of openSUSE Tumbleweed perl-doc-5.34.0-1.1 as a component of openSUSE Tumbleweed Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. CVE-2005-3962 SUSE Linux Enterprise Server 16.0:perl-5.42.0-160000.2.2 SUSE Linux Enterprise Server 16.0:perl-base-5.42.0-160000.2.2 SUSE Linux Enterprise Server 16.0:perl-doc-5.42.0-160000.2.2 SUSE Linux Micro 6.0:perl-5.38.2-1.52 SUSE Linux Micro 6.0:perl-base-5.38.2-1.52 SUSE Linux Micro 6.1:perl-5.38.2-slfo.1.1_1.4 SUSE Linux Micro 6.1:perl-base-5.38.2-slfo.1.1_1.4 openSUSE Tumbleweed:perl-5.34.0-1.1 openSUSE Tumbleweed:perl-32bit-5.34.0-1.1 openSUSE Tumbleweed:perl-base-5.34.0-1.1 openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1 openSUSE Tumbleweed:perl-doc-5.34.0-1.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P