NVD Vulnerability Details: CVE-2008-2376
Status: Modified
Source: secalert@redhat.com
Published At: 09 Jul, 2008 | 00:41
Updated At: 07 Nov, 2023 | 02:02

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.

CISA Catalog
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A | | | |
Metrics
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
CPE Matches

Red Hat, Inc. (redhat) >> fedora_8 >> 1.8.6.230
cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*

Ruby (ruby-lang) >> ruby >> 1.8.6.230
cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*
Weaknesses
| CWE ID | Type | Source |
|---|---|---|
| CWE-189 | Primary | nvd@nist.gov |
References
| Hyperlink | Source | Resource |
|---|---|---|
| http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html | secalert@redhat.com | N/A |
| http://secunia.com/advisories/30927 | secalert@redhat.com | Vendor Advisory |
| http://secunia.com/advisories/31006 | secalert@redhat.com | N/A |
| http://secunia.com/advisories/31062 | secalert@redhat.com | N/A |
| http://secunia.com/advisories/31090 | secalert@redhat.com | N/A |
| http://secunia.com/advisories/31181 | secalert@redhat.com | N/A |
| http://secunia.com/advisories/31256 | secalert@redhat.com | N/A |
| http://secunia.com/advisories/32219 | secalert@redhat.com | N/A |
| http://secunia.com/advisories/33178 | secalert@redhat.com | N/A |
| http://security.gentoo.org/glsa/glsa-200812-17.xml | secalert@redhat.com | N/A |
| http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756 | secalert@redhat.com | N/A |
| http://wiki.rpath.com/Advisories:rPSA-2008-0218 | secalert@redhat.com | N/A |
| http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218 | secalert@redhat.com | N/A |
| http://www.debian.org/security/2008/dsa-1612 | secalert@redhat.com | N/A |
| http://www.debian.org/security/2008/dsa-1618 | secalert@redhat.com | N/A |
| http://www.mandriva.com/security/advisories?name=MDVSA-2008:140 | secalert@redhat.com | N/A |
| http://www.mandriva.com/security/advisories?name=MDVSA-2008:141 | secalert@redhat.com | N/A |
| http://www.mandriva.com/security/advisories?name=MDVSA-2008:142 | secalert@redhat.com | N/A |
| http://www.openwall.com/lists/oss-security/2008/07/02/3 | secalert@redhat.com | N/A |
| http://www.redhat.com/support/errata/RHSA-2008-0561.html | secalert@redhat.com | N/A |
| http://www.securityfocus.com/archive/1/494104/100/0/threaded | secalert@redhat.com | N/A |
| http://www.us-cert.gov/cas/techalerts/TA08-260A.html | secalert@redhat.com | US Government Resource |
| http://www.vupen.com/english/advisories/2008/2584 | secalert@redhat.com | N/A |
| https://issues.rpath.com/browse/RPL-2639 | secalert@redhat.com | N/A |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863 | secalert@redhat.com | N/A |
| https://usn.ubuntu.com/651-1/ | secalert@redhat.com | N/A |
| https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html | secalert@redhat.com | N/A |
| https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html | secalert@redhat.com | N/A |