Описание
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1241
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74866
- http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/47170
- http://jvn.jp/en/jp/JVN33283707/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000031
- http://secunia.com/advisories/48811
- http://www.securityfocus.com/bid/53011
EPSS
Процентиль: 77%
0.01039
Низкий
CVE ID
Связанные уязвимости
nvd
почти 14 лет назад
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
EPSS
Процентиль: 77%
0.01039
Низкий