FKIE_CVE-2012-1241
Vulnerability from fkie_nvd - Published: 2012-04-16 16:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:*:*:*:*:*:*:*:*",
"matchCriteriaId": "150CEBB3-1BC0-45F5-BC10-095B61932F05",
"versionEndIncluding": "1.0.8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24615502-467F-4145-BCDD-E17E8F7791E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "32506693-58C9-4C79-B067-85995714A7E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAF554C-857E-4BCA-8635-EE1A74E5A7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A31D2C-50E0-469F-933C-7716A4D1D7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54AA1CFA-8EC5-457E-B6D0-F29B93119D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC154358-CAB0-4450-BCBE-F23EFB4AD5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF75BD5-6B36-4617-BF19-5642078D875D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17A9D67E-DA86-4556-AD12-9C6DF1E43240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D964B914-4607-4F49-AB79-82D5FDE8C60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46A06F6D-318F-4412-B619-9CA2E75FD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F2937CDD-457D-4D5A-82D7-533694F5E071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B4282B7D-86FB-4219-B475-B41BD8B78831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FA8C7C-6B15-479C-A567-8EC23A6DE3A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D9BCC36B-6444-40A0-BB7C-3C14F36077FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "43737947-1EA7-4428-A6AA-C57D41946ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1237A092-93AF-4652-AFC4-E28AC8CCD656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6908ECF0-A857-42F4-9897-07C53F980924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70C8D14F-A1F6-407C-ACAE-4BEF19303F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "264633B1-B84E-4B9E-A4C2-7A5C80CB5F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD13767-B2FA-41CF-947F-F7EE014B02B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5326E0-0ED7-4F0B-A80E-5CE9B2932930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D98D774C-0433-4642-9755-B707460AC080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9254E3A-D748-40BA-B7A9-B873D8A61E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D11879B-90CA-4997-8AB9-3304297BAFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "00A8E51D-E107-4992-AC82-66C223D71523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB554EDA-822C-4CAD-83B9-8E85DB790C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "49C06520-093F-48D0-87BD-2013A068B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D5E242-EC07-4439-9A49-BC849D152AE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2451D90B-1D7F-4D23-B26F-2615A2C8220A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95F2DA28-AEF1-4A1C-A92E-C16C8109A5D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A12B0CB-D4BD-41B3-A79A-AE5747FDC681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B77399-D525-41F0-B98D-AECBE85BFC98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "883802A5-B6F8-4FFD-8581-2764B90FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6C70749C-78E1-432D-BEAA-753D11313B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EC9E7B-DF64-420D-8654-AC00D08B018F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6F30E30A-D6FA-4938-BC7A-E557C7632F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D54396D4-D0E0-4291-B97A-6C08C0EA4908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A93270-EB75-4F96-889F-C4C469DD5CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F107A23-F249-4EAE-A130-8B69FA73F43B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9BD64E-86FC-462F-B26D-BC17D559305E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBE84FB-2F54-43B8-BA57-EA98ACC3A92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD58D11-53E4-49FD-B646-EF46A1E50A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10BDAA-969A-4829-A468-E4B6BDCE6C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E33EE3D1-F936-4C62-B958-BBC8971B90FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "91DDB8FB-D04B-4282-B11B-88EE6FFBF24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AE62E77F-EA03-47C7-ADEA-51C064167208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85A261DC-6741-406D-9F8B-A705DABFA66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5649DF6F-CA3A-4A2B-B363-6A1534D2F031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.6.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51D4E96A-C78E-4C7E-BAC8-2D24C9DC368D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADB61CB-FA67-4372-9F8D-DBB66385C117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0B012E-6503-4195-A423-648D06751C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82ACBAB4-CDAC-40DD-BF69-34AE56C60B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE3F86-802C-41C6-899E-E41CD052EAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C20186CE-4C0B-4A25-8416-5D20FA5486BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "75899E98-F16B-44B7-AD74-59D2F3CC243C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "061AFEDC-9FC9-4F34-BF67-BD4BE57FE1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F69AF27-F5E1-47A0-916C-DF2B57759332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA3065A-6BCB-46C5-AFF5-A0384AF11EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.7.34:*:*:*:*:*:*:*",
"matchCriteriaId": "C31A873D-123E-4696-8602-ECA9F95FC33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.7.35:*:*:*:*:*:*:*",
"matchCriteriaId": "EF862CBC-D80B-4A71-8ABB-BDDC21C31E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:artonx.org:activescriptruby:1.8.7.36:*:*:*:*:*:*:*",
"matchCriteriaId": "236B353D-1C0E-405D-8C79-864A95EEB111",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document."
},
{
"lang": "es",
"value": "GRScript18.dll anteriores a v1.2.2.0 en ActiveScriptRuby (ASR) anteriores a v1.8.7 no restringen de forma adecuada la interacci\u00f3n con un entorno ActiveX en Internet Explorer, lo que permite a atacantes remotos ejecutar c\u00f3digo RUBY mediante un documento HTML manipulado."
}
],
"id": "CVE-2012-1241",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-16T16:55:01.727",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/47170"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN33283707/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000031"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://secunia.com/advisories/48811"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/53011"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/47170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN33283707/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74866"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…