CVE-2008-2663 (retired)

Priority
Description
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and
earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before
1.8.7-p22 allow context-dependent attackers to execute arbitrary code or
cause a denial of service via unknown vectors, a different issue than
CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624,
there has been inconsistent usage of multiple CVE identifiers related to
Ruby. The CVE description should be regarded as authoritative, although it
is likely to change.
Assigned-to
jdstrand
Package
Upstream:released (1.8.7.22-1)
Package
Upstream:released (1.9.0.2-1)
More Information

Updated: 2019-03-26 11:44:11 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)