5 matches found
Mandriva Linux Security Advisory : ruby (MDVSA-2008:140)
Multiple vulnerabilities have been found in the Ruby interpreter and in WEBrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus)...
ruby: integer overflows in rb_ary_fill() / Array#fill
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...
Integer overflow
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...
CVE-2008-2376
CVE-2008-2376 is an integer overflow in Ruby’s rb_ary_fill (array.c) that affects Ruby before revision 17756, allowing context-dependent attackers to cause a crash or potentially other impact via Array#fill when start (beg) > ARY_MAX_SIZE. The issue arises from an incomplete fix for related ov...
Ruby rb_ary_fill() Function Remote Denial of Service Vulnerability
BUGTRAQ ID: 30036 Ruby is a powerful object-oriented scripting language. An integer overflow vulnerability exists in Ruby's rb_ary_fill function: rb_ary_modify(ary); end = beg + len; if (end < 0) { rb_raise(rb_eArgError, "argument too big"); } if (end > RARRAY(ary)->len) { if (end >= RARRAY(ary)->aux.capa) { REALLOC_N(RARRAY(ary)->ptr, VALUE, end); RARRAY(ary)->aux.capa = end;...