https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174684

Summary: Perl integer overflow issue
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: security
Priority: normal
Component: perl
AssignedTo: jvdias@xxxxxxxxxx
ReportedBy: bressers@xxxxxxxxxx
QAContact: dkl@xxxxxxxxxx
CC: fedora-perl-devel-list@xxxxxxxxxx

Perl integer overflow issue

There exists an integer overflow problem in Perl which can lead to a string
format issue. If a large enough integer is supplied to a printf statement
which uses the %n conversion, it may be possible to execute arbitrary code.

This problem will not be easy to remotely exploit as a very poorly written
script will first be needed.

http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&w=2

Doesn't Affect: RHEL2.1

This issue also affects FC3