3 matches found
CVE-2008-2664
CVE-2008-2664 details: In Ruby, the rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context‑dependent attackers to trigger memory corruption via unspecified vectors related to alloca. This ...
CVE-2008-2662
CVE-2008-2662 is a Ruby vulnerability: multiple integer overflows in rb_str_buf_append() across Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2. These overflows allow context-dependent attackers to execute arbitrary code o...
CVE-2008-2663
Ruby 1.8.4 and earlier (and 1.8.5-p231, 1.8.6-p230, 1.8.7-p22) are affected by an integer overflow in rb_ary_store that can enable context-dependent arbitrary code execution or a denial of service (CVE-2008-2663). The MiracleLinux, Oracle Linux, and Red Hat advisories in the connected documents r...