U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2008-2664

Change History

Modified Analysis by NIST 11/01/2018 11:06:05 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions up to (including) 1.8.5-p230
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions up to (including) 1.8.6-p229
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions up to (including) 1.8.7-p21
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions up to (including) 1.9.0-1
OR
     *cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions up to (including) 1.8.4
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from (excluding) 1.8.5 up to (excluding) 1.8.5.231
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from (including) 1.8.6 up to (excluding) 1.8.6.230
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from (including) 1.8.7 up to (excluding) 1.8.7.22
     *cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from (including) 1.9.0 up to (excluding) 1.9.0.2
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Changed Reference Type
http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/ No Types Assigned
http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/ Third Party Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html No Types Assigned
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/30802 No Types Assigned
http://secunia.com/advisories/30802 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/30831 No Types Assigned
http://secunia.com/advisories/30831 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/30867 No Types Assigned
http://secunia.com/advisories/30867 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/30875 No Types Assigned
http://secunia.com/advisories/30875 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/30894 No Types Assigned
http://secunia.com/advisories/30894 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/31062 No Types Assigned
http://secunia.com/advisories/31062 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/31090 No Types Assigned
http://secunia.com/advisories/31090 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/31181 No Types Assigned
http://secunia.com/advisories/31181 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/31256 No Types Assigned
http://secunia.com/advisories/31256 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/31687 No Types Assigned
http://secunia.com/advisories/31687 Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/33178 No Types Assigned
http://secunia.com/advisories/33178 Third Party Advisory
Changed Reference Type
http://security.gentoo.org/glsa/glsa-200812-17.xml No Types Assigned
http://security.gentoo.org/glsa/glsa-200812-17.xml Third Party Advisory
Changed Reference Type
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562 No Types Assigned
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562 Mailing List, Third Party Advisory
Changed Reference Type
http://support.apple.com/kb/HT2163 No Types Assigned
http://support.apple.com/kb/HT2163 Third Party Advisory
Changed Reference Type
http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities No Types Assigned
http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities Third Party Advisory
Changed Reference Type
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206 No Types Assigned
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206 Broken Link
Changed Reference Type
http://www.debian.org/security/2008/dsa-1612 No Types Assigned
http://www.debian.org/security/2008/dsa-1612 Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2008/dsa-1618 No Types Assigned
http://www.debian.org/security/2008/dsa-1618 Third Party Advisory
Changed Reference Type
http://www.mandriva.com/security/advisories?name=MDVSA-2008:140 No Types Assigned
http://www.mandriva.com/security/advisories?name=MDVSA-2008:140 Third Party Advisory
Changed Reference Type
http://www.mandriva.com/security/advisories?name=MDVSA-2008:141 No Types Assigned
http://www.mandriva.com/security/advisories?name=MDVSA-2008:141 Third Party Advisory
Changed Reference Type
http://www.mandriva.com/security/advisories?name=MDVSA-2008:142 No Types Assigned
http://www.mandriva.com/security/advisories?name=MDVSA-2008:142 Third Party Advisory
Changed Reference Type
http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/ No Types Assigned
http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/ Third Party Advisory
Changed Reference Type
http://www.redhat.com/support/errata/RHSA-2008-0561.html No Types Assigned
http://www.redhat.com/support/errata/RHSA-2008-0561.html Third Party Advisory
Changed Reference Type
http://www.ruby-forum.com/topic/157034 No Types Assigned
http://www.ruby-forum.com/topic/157034 Third Party Advisory
Changed Reference Type
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/ Patch
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/ Patch, Vendor Advisory
Changed Reference Type
http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html No Types Assigned
http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/archive/1/493688/100/0/threaded No Types Assigned
http://www.securityfocus.com/archive/1/493688/100/0/threaded Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securityfocus.com/bid/29903 No Types Assigned
http://www.securityfocus.com/bid/29903 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id?1020347 No Types Assigned
http://www.securitytracker.com/id?1020347 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.ubuntu.com/usn/usn-621-1 No Types Assigned
http://www.ubuntu.com/usn/usn-621-1 Third Party Advisory
Changed Reference Type
http://www.vupen.com/english/advisories/2008/1907/references No Types Assigned
http://www.vupen.com/english/advisories/2008/1907/references Third Party Advisory
Changed Reference Type
http://www.vupen.com/english/advisories/2008/1981/references No Types Assigned
http://www.vupen.com/english/advisories/2008/1981/references Third Party Advisory
Changed Reference Type
http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html No Types Assigned
http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html Broken Link
Changed Reference Type
https://exchange.xforce.ibmcloud.com/vulnerabilities/43348 No Types Assigned
https://exchange.xforce.ibmcloud.com/vulnerabilities/43348 Third Party Advisory, VDB Entry
Changed Reference Type
https://issues.rpath.com/browse/RPL-2626 No Types Assigned
https://issues.rpath.com/browse/RPL-2626 Broken Link
Changed Reference Type
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646 No Types Assigned
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646 Third Party Advisory
Changed Reference Type
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html No Types Assigned
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html Third Party Advisory