Hi! The CVE number CVE-2005-3962 has been assigned to this. Please mention this number in the changelog when you fix this.
Thanks, Martin ====================================================== Name: CVE-2005-3962 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962 Reference: FULLDISC:20051201 Perl format string integer wrap vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&w=2 Reference: MISC:http://www.dyadsecurity.com/perl-0002.html Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, as demonstrated using format string vulnerabilities in Perl applications. -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org In a world without walls and fences, who needs Windows and Gates?
signature.asc
Description: Digital signature
