Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJpcertCVE-2012-1241
HistoryApr 16, 2012 - 4:55 p.m.

CVE-2012-1241

2012-04-1616:55:01
CWE-264
jpcert
web.nvd.nist.gov
28
cve-2012-1241
activescriptruby
internet explorer
activex
remote code execution
security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.012

Percentile

85.1%

JSON

GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.

Affected configurations

Nvd
Node
artonx.orgactivescriptrubyRange≀1.0.8.8
OR
artonx.orgactivescriptrubyMatch1.6.0.1
OR
artonx.orgactivescriptrubyMatch1.6.0.2
OR
artonx.orgactivescriptrubyMatch1.6.0.3
OR
artonx.orgactivescriptrubyMatch1.6.0.5
OR
artonx.orgactivescriptrubyMatch1.6.2.0
OR
artonx.orgactivescriptrubyMatch1.6.2.1
OR
artonx.orgactivescriptrubyMatch1.6.2.2
OR
artonx.orgactivescriptrubyMatch1.6.2.3
OR
artonx.orgactivescriptrubyMatch1.6.2.4
OR
artonx.orgactivescriptrubyMatch1.6.2.5
OR
artonx.orgactivescriptrubyMatch1.6.2.6
OR
artonx.orgactivescriptrubyMatch1.6.2.7
OR
artonx.orgactivescriptrubyMatch1.6.2.8
OR
artonx.orgactivescriptrubyMatch1.6.2.9
OR
artonx.orgactivescriptrubyMatch1.6.2.10
OR
artonx.orgactivescriptrubyMatch1.6.3.0
OR
artonx.orgactivescriptrubyMatch1.6.3.1
OR
artonx.orgactivescriptrubyMatch1.6.3.2
OR
artonx.orgactivescriptrubyMatch1.6.3.3
OR
artonx.orgactivescriptrubyMatch1.6.3.4
OR
artonx.orgactivescriptrubyMatch1.6.3.5
OR
artonx.orgactivescriptrubyMatch1.6.4.0
OR
artonx.orgactivescriptrubyMatch1.6.4.1
OR
artonx.orgactivescriptrubyMatch1.6.4.2
OR
artonx.orgactivescriptrubyMatch1.6.4.3
OR
artonx.orgactivescriptrubyMatch1.6.4.4
OR
artonx.orgactivescriptrubyMatch1.6.4.6
OR
artonx.orgactivescriptrubyMatch1.6.4.7
OR
artonx.orgactivescriptrubyMatch1.6.4.8
OR
artonx.orgactivescriptrubyMatch1.6.5.0
OR
artonx.orgactivescriptrubyMatch1.6.5.1
OR
artonx.orgactivescriptrubyMatch1.6.5.2
OR
artonx.orgactivescriptrubyMatch1.6.5.3
OR
artonx.orgactivescriptrubyMatch1.6.5.4
OR
artonx.orgactivescriptrubyMatch1.6.5.5
OR
artonx.orgactivescriptrubyMatch1.6.5.6
OR
artonx.orgactivescriptrubyMatch1.6.5.7
OR
artonx.orgactivescriptrubyMatch1.6.6.0
OR
artonx.orgactivescriptrubyMatch1.6.6.1
OR
artonx.orgactivescriptrubyMatch1.6.7.0
OR
artonx.orgactivescriptrubyMatch1.6.7.1
OR
artonx.orgactivescriptrubyMatch1.6.7.2
OR
artonx.orgactivescriptrubyMatch1.6.7.3
OR
artonx.orgactivescriptrubyMatch1.6.7.4
OR
artonx.orgactivescriptrubyMatch1.6.7.5
OR
artonx.orgactivescriptrubyMatch1.6.7.6
OR
artonx.orgactivescriptrubyMatch1.6.8.0
OR
artonx.orgactivescriptrubyMatch1.6.8.1
OR
artonx.orgactivescriptrubyMatch1.6.8.3
OR
artonx.orgactivescriptrubyMatch1.8.0.0
OR
artonx.orgactivescriptrubyMatch1.8.0.5
OR
artonx.orgactivescriptrubyMatch1.8.1.0
OR
artonx.orgactivescriptrubyMatch1.8.1.1
OR
artonx.orgactivescriptrubyMatch1.8.1.2
OR
artonx.orgactivescriptrubyMatch1.8.2.0
OR
artonx.orgactivescriptrubyMatch1.8.4.0
OR
artonx.orgactivescriptrubyMatch1.8.5.0
OR
artonx.orgactivescriptrubyMatch1.8.5.2
OR
artonx.orgactivescriptrubyMatch1.8.7.34
OR
artonx.orgactivescriptrubyMatch1.8.7.35
OR
artonx.orgactivescriptrubyMatch1.8.7.36
VendorProductVersionCPE
artonx.orgactivescriptruby*cpe:2.3:a:artonx.org:activescriptruby:*:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.0.1cpe:2.3:a:artonx.org:activescriptruby:1.6.0.1:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.0.2cpe:2.3:a:artonx.org:activescriptruby:1.6.0.2:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.0.3cpe:2.3:a:artonx.org:activescriptruby:1.6.0.3:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.0.5cpe:2.3:a:artonx.org:activescriptruby:1.6.0.5:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.2.0cpe:2.3:a:artonx.org:activescriptruby:1.6.2.0:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.2.1cpe:2.3:a:artonx.org:activescriptruby:1.6.2.1:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.2.2cpe:2.3:a:artonx.org:activescriptruby:1.6.2.2:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.2.3cpe:2.3:a:artonx.org:activescriptruby:1.6.2.3:*:*:*:*:*:*:*
artonx.orgactivescriptruby1.6.2.4cpe:2.3:a:artonx.org:activescriptruby:1.6.2.4:*:*:*:*:*:*:*
Rows per page:
1-10 of 621

Related

seebug 1
cvelist 1
nvd 1
prion 1
jvn 1
seebug
seebug
ActiveScriptRuby 'GRScript18.dll' ActiveX控仢DLLθ£…θ½½δ»»ζ„δ»£η ζ‰§θ‘ŒζΌζ΄ž
2012-04-16 00:00:00
cvelist
cvelist
CVE-2012-1241
2012-04-16 16:00:00
nvd
nvd
CVE-2012-1241
2012-04-16 16:55:01
prion
prion
Hardcoded credentials
2012-04-16 16:55:00
jvn
jvn
JVN#33283707: ActiveScriptRuby vulnerable to arbitrary Ruby script execution
2012-04-13 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.012

Percentile

85.1%

JSON
Related for CVE-2012-1241
seebug1cvelist1nvd1prion1jvn1