// For flags

CVE-2008-3790

Ruby 1.9 - REXML Remote Denial of Service

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."

El módulo REXML en Ruby 1.8.6 hasta la versión 1.8.6-p287, 1.8.7 hasta 1.8.7-p72, y 1.9 permite que atacantes, dependiendo del contexto, provocar una denegación de servicio (agotamiento CPU) a través de un documento XML con entidades anidadas recursivamente, también conocido como "Explosión de entidades XML".

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-08-23 First Exploit
  • 2008-08-26 CVE Reserved
  • 2008-08-27 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (38)
URL Tag Source
http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca X_refsource_misc
http://secunia.com/advisories/31602 Third Party Advisory
http://secunia.com/advisories/32165 Third Party Advisory
http://secunia.com/advisories/32219 Third Party Advisory
http://secunia.com/advisories/32255 Third Party Advisory
http://secunia.com/advisories/32256 Third Party Advisory
http://secunia.com/advisories/32371 Third Party Advisory
http://secunia.com/advisories/33178 Third Party Advisory
http://secunia.com/advisories/33185 Third Party Advisory
http://secunia.com/advisories/35074 Third Party Advisory
http://support.apple.com/kb/HT3549 X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm X_refsource_confirm
http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release X_refsource_confirm
http://www.openwall.com/lists/oss-security/2008/08/25/4 Mailing List
http://www.openwall.com/lists/oss-security/2008/08/26/1 Mailing List
http://www.openwall.com/lists/oss-security/2008/08/26/4 Mailing List
http://www.securityfocus.com/bid/30802 Vdb Entry
http://www.securitytracker.com/id?1020735 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA09-133A.html Third Party Advisory
http://www.vupen.com/english/advisories/2008/2428 Vdb Entry
http://www.vupen.com/english/advisories/2008/2483 Vdb Entry
http://www.vupen.com/english/advisories/2009/1297 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/44628 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393 Signature
URL Date SRC
https://www.exploit-db.com/exploits/32292 2008-08-23
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml 2024-08-07
URL Date SRC
http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb 2018-10-03
URL Date SRC
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html 2018-10-03
http://security.gentoo.org/glsa/glsa-200812-17.xml 2018-10-03
http://www.debian.org/security/2008/dsa-1651 2018-10-03
http://www.debian.org/security/2008/dsa-1652 2018-10-03
http://www.redhat.com/support/errata/RHSA-2008-0897.html 2018-10-03
https://usn.ubuntu.com/651-1 2018-10-03
https://usn.ubuntu.com/691-1 2018-10-03
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html 2018-10-03
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html 2018-10-03
https://access.redhat.com/security/cve/CVE-2008-3790 2008-10-21
https://bugzilla.redhat.com/show_bug.cgi?id=460134 2008-10-21
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
-
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p110
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p111
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p114
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p230
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p286
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p287
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
p36
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
preview1
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
preview2
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
preview3
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
-
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
p17
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
p22
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
p71
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
p72
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
preview1
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
preview2
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
preview3
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.7
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.7"
preview4
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.9
Search vendor "Ruby-lang" for product "Ruby" and version "1.9"
-
Affected