PT-2012-3158 · Microsoft · Internet Explorer
Moca
·
Published
2012-04-16
·
Updated
2017-12-29
·
CVE-2012-1241
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
ActiveScriptRuby (ASR) version 1.8.7 and earlier, specifically with GRScript18.dll before 1.2.2.0
Description
The issue allows remote attackers to execute arbitrary Ruby code via a crafted HTML document, due to improper restriction of interaction with an Internet Explorer ActiveX environment.
Recommendations
For ActiveScriptRuby (ASR) version 1.8.7 and earlier, update GRScript18.dll to version 1.2.2.0 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Internet Explorer