Description
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
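The bug class described above, as an added example that is not Ruby's array.c: a start index larger than the array size limit makes the later byte-size computation wrap, and bounding the start before comparing the length against the remaining room avoids it. DEMO_ARY_MAX_SIZE and both function names are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdio.h>

/* Assumed stand-in for ARY_MAX_SIZE: the largest element count whose
 * size in bytes still fits in a long. */
#define DEMO_ARY_MAX_SIZE ((long)(LONG_MAX / sizeof(void *)))

/* Incomplete check (hypothetical): only rejects a sum that no longer fits
 * in a long, then sizes the buffer. Unsigned arithmetic is used so the
 * wrap is well defined in this demo. */
static int naive_fill_bytes(long beg, long len, unsigned long *bytes)
{
    if (beg < 0 || len < 0) return -1;
    unsigned long end = (unsigned long)beg + (unsigned long)len;
    if (end > (unsigned long)LONG_MAX) return -1;
    /* Wraps once end exceeds ULONG_MAX / sizeof(void *). */
    *bytes = end * sizeof(void *);
    return 0;
}

/* Complete check (hypothetical): bound beg first, then compare len with
 * the room that is left. No step here can overflow. */
static int checked_fill_bytes(long beg, long len, unsigned long *bytes)
{
    if (beg < 0 || len < 0) return -1;
    if (beg >= DEMO_ARY_MAX_SIZE || len > DEMO_ARY_MAX_SIZE - beg) return -1;
    *bytes = (unsigned long)(beg + len) * sizeof(void *);
    return 0;
}

int main(void)
{
    /* Constructed input: a start index just past the point where the
     * byte count wraps around. */
    long beg = (long)(ULONG_MAX / sizeof(void *)) + 1;
    unsigned long bytes = 0;

    if (naive_fill_bytes(beg, 1, &bytes) == 0)
        printf("naive check accepts beg=%ld, buffer size %lu bytes\n", beg, bytes);
    if (checked_fill_bytes(beg, 1, &bytes) != 0)
        printf("complete check rejects beg=%ld\n", beg);
    return 0;
}
```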
Remediation
References