4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
51.1%
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in
Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory
and possibly execute arbitrary code via format string specifiers with large
values, which causes an integer wrap and leads to a buffer overflow, as
demonstrated using format string vulnerabilities in Perl applications.