Back to search
CVE-2012-1241
Published: Apr 16, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
JVNDB-2012-000031
third-party-advisory
x_refsource_JVNDB
[ruby-list] 20100619 ANN: ActiveScriptRuby 1.8.7
mailing-list
x_refsource_MLIST
53011
vdb-entry
x_refsource_BID
48811
third-party-advisory
x_refsource_SECUNIA
activescriptruby-grscript18-code-exec(74866)
vdb-entry
x_refsource_XF
JVN#33283707
third-party-advisory
x_refsource_JVN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now