CVE-2008-2663
Description
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.283
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Ruby update (ELSA-2023-7025) ruby-2.5.9-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Ruby update (ELSA-2023-7025) ruby-2.5.9-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Ruby-devel update (ELSA-2023-7025) ruby-devel-2.5.9-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Ruby-devel update (ELSA-2023-7025) ruby-devel-2.5.9-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Ruby-doc update (ELSA-2023-7025) ruby-doc-2.5.9-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Ruby-irb update (ELSA-2023-7025) ruby-irb-2.5.9-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Ruby-libs update (ELSA-2023-7025) ruby-libs-2.5.9-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Ruby-libs update (ELSA-2023-7025) ruby-libs-2.5.9-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-abrt update (ELSA-2023-7025) rubygem-abrt-0.3.0-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-abrt-doc update (ELSA-2023-7025) rubygem-abrt-doc-0.3.0-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2023-7025) rubygem-bigdecimal-1.3.4-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2023-7025) rubygem-bigdecimal-1.3.4-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-bson update (ELSA-2023-7025) rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-bson-doc update (ELSA-2023-7025) rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-bundler update (ELSA-2023-7025) rubygem-bundler-1.16.1-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-bundler-doc update (ELSA-2023-7025) rubygem-bundler-doc-1.16.1-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-did_you_mean update (ELSA-2023-7025) rubygem-did_you_mean-1.2.0-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-io-console update (ELSA-2023-7025) rubygem-io-console-0.4.6-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-io-console update (ELSA-2023-7025) rubygem-io-console-0.4.6-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-json update (ELSA-2023-7025) rubygem-json-2.1.0-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-json update (ELSA-2023-7025) rubygem-json-2.1.0-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-minitest update (ELSA-2023-7025) rubygem-minitest-5.10.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-mongo update (ELSA-2023-7025) rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-mongo-doc update (ELSA-2023-7025) rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-mysql2 update (ELSA-2023-7025) rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-mysql2-doc update (ELSA-2023-7025) rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-net-telnet update (ELSA-2023-7025) rubygem-net-telnet-0.1.1-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-openssl update (ELSA-2023-7025) rubygem-openssl-2.1.2-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-openssl update (ELSA-2023-7025) rubygem-openssl-2.1.2-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-pg update (ELSA-2023-7025) rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-pg-doc update (ELSA-2023-7025) rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-power_assert update (ELSA-2023-7025) rubygem-power_assert-1.1.1-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-psych update (ELSA-2023-7025) rubygem-psych-3.0.2-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-psych update (ELSA-2023-7025) rubygem-psych-3.0.2-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-rake update (ELSA-2023-7025) rubygem-rake-12.3.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-rdoc update (ELSA-2023-7025) rubygem-rdoc-6.0.1.1-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-test-unit update (ELSA-2023-7025) rubygem-test-unit-3.2.7-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-xmlrpc update (ELSA-2023-7025) rubygem-xmlrpc-0.3.0-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygems update (ELSA-2023-7025) rubygems-2.7.6.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygems-devel update (ELSA-2023-7025) rubygems-devel-2.7.6.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-json update (ELSA-2025-4063) rubygem-json-2.6.1-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-json update (ELSA-2025-4063) rubygem-json-2.6.1-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-irb update (ELSA-2025-4063) rubygem-irb-1.4.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-io-console update (ELSA-2025-4063) rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-io-console update (ELSA-2025-4063) rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-bundler update (ELSA-2025-4063) rubygem-bundler-2.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2025-4063) rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2025-4063) rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-abrt-doc update (ELSA-2025-4063) rubygem-abrt-doc-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygem-mysql2 update (ELSA-2025-4063) rubygem-mysql2-0.5.3-2.module+el8.7.0+20780+b11ff321.x86_64.rpm | Linux |
| Ruby-libs update (ELSA-2025-4063) ruby-libs-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby-libs update (ELSA-2025-4063) ruby-libs-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Ruby-doc update (ELSA-2025-4063) ruby-doc-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Ruby-devel update (ELSA-2025-4063) ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby-devel update (ELSA-2025-4063) ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Ruby-default-gems update (ELSA-2025-4063) ruby-default-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Ruby-bundled-gems update (ELSA-2025-4063) ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby-bundled-gems update (ELSA-2025-4063) ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Ruby update (ELSA-2025-4063) ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby update (ELSA-2025-4063) ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-abrt update (ELSA-2025-4063) rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygems-devel update (ELSA-2025-4063) rubygems-devel-3.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygems update (ELSA-2025-4063) rubygems-3.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-typeprof update (ELSA-2025-4063) rubygem-typeprof-0.21.3-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-test-unit update (ELSA-2025-4063) rubygem-test-unit-3.5.3-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rss update (ELSA-2025-4063) rubygem-rss-0.3.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rexml update (ELSA-2025-4063) rubygem-rexml-3.3.9-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rdoc update (ELSA-2025-4063) rubygem-rdoc-6.4.1.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rbs update (ELSA-2025-4063) rubygem-rbs-2.7.0-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-rbs update (ELSA-2025-4063) rubygem-rbs-2.7.0-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-rake update (ELSA-2025-4063) rubygem-rake-13.0.6-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-psych update (ELSA-2025-4063) rubygem-psych-4.0.4-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-psych update (ELSA-2025-4063) rubygem-psych-4.0.4-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-power_assert update (ELSA-2025-4063) rubygem-power_assert-2.0.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-pg-doc update (ELSA-2025-4063) rubygem-pg-doc-1.3.2-1.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygem-pg update (ELSA-2025-4063) rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.x86_64.rpm | Linux |
| Rubygem-mysql2-doc update (ELSA-2025-4063) rubygem-mysql2-doc-0.5.3-2.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygem-minitest update (ELSA-2025-4063) rubygem-minitest-5.15.0-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234