CVE-2008-2376

Impact: Moderate
Public Date: 2008-07-01
CWE: CWE-190
Bugzilla: 453589: CVE-2008-2376 ruby: integer overflows in rb_ary_fill() / Array#fill

The MITRE CVE dictionary describes this issue as:

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.

Find out more about CVE-2008-2376 from the MITRE CVE dictionary and NIST NVD.

Red Hat Security Errata

Platform                               Errata          Release Date
Red Hat Enterprise Linux 3 (ruby)      RHSA-2008:0562  2008-07-14
Red Hat Enterprise Linux 4 (ruby)      RHSA-2008:0561  2008-07-14
Red Hat Enterprise Linux 2.1 (ruby)    RHSA-2008:0562  2008-07-14
Red Hat Enterprise Linux 5 (ruby)      RHSA-2008:0561  2008-07-14

Last Modified

CVE description copyright © 2017, The MITRE Corporation
