{"vuid":"VU#948385","idnumber":"948385","name":"Perl contains an integer sign error in format string processing","keywords":["Perl","integer wraparound","integer wrap overflow","arbitrary code execution","efix variable","Perl_sv_vcatpvfn","format string","apple-2006-007"],"overview":"The Perl interpreter contains a flaw that may increase the impact of format string vulnerabilities in programs written in Perl.","clean_desc":"Perl is a programming language used in many applications and commonly used for web applications. The Perl interpreter, which interprets and executes Perl programs, contains an integer sign error in its format string processing for formatted I/O.","impact":"An attacker may leverage this vulnerability to increase the impact a format string vulnerability in a Perl program. This vulnerability in the Perl interpreter is not directly exploitable.","resolution":"Patch the Perl interpreter per vendor instructions.","workarounds":"","sysaffected":"","thanks":"Thanks to Jack Louis of \nDyad Security, Inc. for reporting this vulnerability.","author":"This document was written by Hal Burch.","public":["http://www.dyadsecurity.com/perl-0002.html","http://secunia.com/advisories/17802/"],"cveids":["CVE-2005-3962"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-12-01T19:11:52Z","publicdate":"2005-12-01T00:00:00Z","datefirstpublished":"2005-12-06T19:14:13Z","dateupdated":"2012-08-30T18:58:28Z","revision":40,"vrda_d1_directreport":"0","vrda_d1_population":"4","vrda_d1_impact":"4","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"--","cvss_accesscomplexity":"--","cvss_authentication":null,"cvss_confidentialityimpact":"--","cvss_integrityimpact":"--","cvss_availabilityimpact":"--","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"ND","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"0","cvss_basevector":"AV:--/AC:--/Au:--/C:--/I:--/A:--","cvss_temporalscore":"0","cvss_environmentalscore":"0","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}