Description
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
Remediation
References
Related Vulnerabilities
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239)
Oracle Database Server CVE-2011-0881 Vulnerability (CVE-2011-0881)
Oracle Database Server CVE-2015-0457 Vulnerability (CVE-2015-0457)
Oracle HTTP Server Other Vulnerability (CVE-2004-2115)
WordPress Plugin Protected Posts Logout Button Cross-Site Request Forgery (1.4.4)