Contents

---
engine: ruby
cve: 2008-2725
osvdb: 46553
url: http://www.osvdb.org/show/osvdb/46553
title: Ruby rb_ary_splice Function REALLOC_N Overflow
date: 2008-06-20
description: |
  Integer overflow in the (1) rb_ary_splice function
  in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and
  1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent
  attackers to trigger memory corruption via unspecified vectors, aka the "REALLOC_N"
  variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664.
  NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers
  related to Ruby. The CVE description should be regarded as authoritative, although
  it is likely to change.
cvss_v2: 7.8
patched_versions:
  - ~> 1.8.5.231
  - ~> 1.8.6.230
  - ~> 1.8.7.22
  - ">= 1.9.0.2"

Version data entries

6 entries across 6 versions & 2 rubygems

Version	Path
bundler-audit-0.7.0.1	data/ruby-advisory-db/rubies/ruby/CVE-2008-2725.yml
bundler-budit-0.6.2	data/ruby-advisory-db/rubies/ruby/OSVDB-46553.yml
bundler-budit-0.6.1	data/ruby-advisory-db/rubies/ruby/OSVDB-46553.yml
bundler-audit-0.6.1	data/ruby-advisory-db/rubies/ruby/OSVDB-46553.yml
bundler-audit-0.6.0	data/ruby-advisory-db/rubies/ruby/OSVDB-46553.yml
bundler-audit-0.5.0	data/ruby-advisory-db/rubies/ruby/OSVDB-46553.yml