CVE-2008-2726

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

Published: Jun 24, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-2726
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
ruby-lang / ruby	-	1.8.4.x
ruby-lang / ruby	1.8.6	1.8.6.230
ruby-lang / ruby	1.8.7	1.8.7.22
ruby-lang / ruby	1.9.0	1.9.0.2
ruby-lang / ruby	1.8.5	1.8.5.231
debian / debian_linux	4.0	4.0.x
canonical / ubuntu_linux	6.06	6.06.x
canonical / ubuntu_linux	7.04	7.04.x
canonical / ubuntu_linux	7.10	7.10.x
canonical / ubuntu_linux	8.04	8.04.x

Vulnerability Database

289,697

CVE-2008-2726