ActiveScriptRuby GRScript18.dll ActiveX Control Ruby Code
ActiveScriptRuby GRScript18.dll ActiveX Control Ruby Code Execution Vulnerability
Release Date : 2012-04-13
Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch
A vulnerability has been reported in ActiveScriptRuby, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an error in GRScript18.dll and can be exploited to execute arbitrary Ruby commands.
Successful exploitation may allow execution of arbitrary code, but requires a user to visit a malicious website.
The vulnerability is reported in GRScript18.dll version 22.214.171.124. Prior versions may also be affected.
Update to a fixed version or apply the vendor workaround (please see the vendor's advisory for details).
Provided and/or discovered by:
JVN credits Moca.