Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174684
Summary: Perl integer overflow issue
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: security
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: bressers(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Perl integer overflow issue
There exists an integer overflow problem in Perl which can lead to a
string format issue. If a large enough integer is supplied to a
printf statement which uses the %n conversion, it may be possible to
execute arbitrary code. This problem will not be easy to remotely
exploit as a very poorly written script will first be needed.
http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&...
Doesn't Affec: RHEL2.1
This issue also affects FC3
--
Configure bugmail:
https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.