Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ruby 多个整数溢出漏洞
Vulnerability Description
Ruby是一种功能强大的面向对象的脚本语言。 Ruby 1.8.4 以及之前版本,1.8.5-p231 之前的1.8.5, 1.8.6-p230之前的 1.8.6,1.8.7-p22 之前的 1.8.7版本,1.9.0-2 之前 1.9.0 版本,其 rb_ary_splice 函数;以及 Ruby 1.6.X 版本,其 the rb_ary_replace 函数存在整数溢出漏洞,允许攻击者通过上下文关联造成内存破坏,也叫"beg + rlen"问题。注意:作为 20080624,出现了多个与 Ruby
CVSS Information
N/A
Vulnerability Type
N/A