Arbitrary Ruby Code Execution in ActiveScriptRuby (ASR) via Crafted HTML Document
CVE-2012-1241 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
Learn more about our Web Application Penetration Testing UK.