CVE-2008-2662
Publication date 24 June 2008
Last updated 24 July 2024
Ubuntu priority
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.
Status
Package | Ubuntu Release | Status |
---|---|---|
ruby1.8 | ||
ruby1.9 | ||
References
Related Ubuntu Security Notices (USN)
- USN-621-1
- Ruby vulnerabilities
- 26 June 2008