GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation12 reference(s) from NVD