CVE-2012-0155
published 2012-02-14CVE-2012-0155: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted…
PriorityP358critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
65.50%
99.2th percentile
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| activerecord_project | activerecord | >= 3.0.0 < 3.0.19 | 3.0.19 |
| activerecord_project | activerecord | >= 3.1.0 < 3.1.10 | 3.1.10 |
| activerecord_project | activerecord | >= 3.2.0 < 3.2.11 | 3.2.11 |
| activerecord_project | activerecord | >= 4.2.0 < 4.2.7.1 | 4.2.7.1 |
| microsoft | internet_explorer | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- ·Sources DOC 2 and DOC 3 are about CVE-2013-0155 and CVE-2013-0156 (Ruby on Rails), not CVE-2012-0155 (Microsoft Internet Explorer 9 VML RCE). No operational IOCs, detection hints, or configuration caveats are present in the sources for CVE-2012-0155. ↗
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
ghsa6.4MEDIUM
vendor_redhat6.4MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xh3j-g6g3-34w7: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a delet
ghsa_unreviewed·2022-05-04
CVE-2012-0155 [HIGH] CWE-94 GHSA-xh3j-g6g3-34w7: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a delet
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
GHSA
Moderate severity vulnerability that affects activerecord
ghsa·2018-08-13·CVSS 6.4
[MEDIUM] Moderate severity vulnerability that affects activerecord
Moderate severity vulnerability that affects activerecord
Withdrawn, accidental duplicate publish.
Active Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.
GHSA
Active Record allows bypassing of database-query restrictions
ghsa·2017-10-24·CVSS 6.4
CVE-2013-0155 [MEDIUM] CWE-284 Active Record allows bypassing of database-query restrictions
Active Record allows bypassing of database-query restrictions
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694.
GHSA
ActiveRecord in Ruby on Rails allows database-query bypass
ghsa·2017-10-24·CVSS 6.4
CVE-2016-6317 [MEDIUM] CWE-284 ActiveRecord in Ruby on Rails allows database-query bypass
ActiveRecord in Ruby on Rails allows database-query bypass
Active Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.
Red Hat
rubygem-activerecord: unsafe query generation in Active Record
vendor_redhat·2016-08-11·CVSS 6.4
CVE-2016-6317 [MEDIUM] CWE-20 rubygem-activerecord: unsafe query generation in Active Record
rubygem-activerecord: unsafe query generation in Active Record
Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.
A flaw was found in the way Active Record handled certain special values in dynamic finders and relations. If a Ruby on Rails application performed JSON parameter parsing, a remote attacker could possibly manipulate search conditions in SQL queries generated by the application.
Package:
Red Hat
rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
vendor_redhat·2013-01-08·CVSS 6.4
CVE-2013-0155 [MEDIUM] CWE-89 rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694.
No detection rules found.
No public exploits indexed.
Zscaler
Zscaler Protects against Microsoft's Patch Cycle | Round 12
blogs_zscaler·CVSS 9.3
[CRITICAL] Zscaler Protects against Microsoft's Patch Cycle | Round 12
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Bugzilla
CVE-2013-0155 rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
bugzilla·2013-01-08·CVSS 6.4
CVE-2013-0155 [MEDIUM] CVE-2013-0155 rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
CVE-2013-0155 rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
Damien Mathieu ([email protected]) reports:
Unsafe Query Generation Risk in Ruby on Rails
There is a vulnerability when Active Record is used in conjunction with JSON
parameter parsing. This vulnerability has been assigned the CVE identifier
CVE-2013-0155.
Versions Affected: 3.x series
Not affected: 2.x series
Fixed Versions: 3.2.11, 3.1.10, 3.0.19
Impact
Due to the way Active Record interprets parameters in combination with the way
that JSON parameters are parsed, it is possible for an attacker to issue
unexpected database queries with "IS NULL" or empty where clauses. This issue
does *not* let an attacker insert arbitrary values into an SQL query, however
they can cause the query to check for NULL or el
Bugzilla
CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
bugzilla·2013-01-08·CVSS 4.3
CVE-2013-0156 [MEDIUM] CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
The Ruby on Rails project reports:
Multiple vulnerabilities in parameter parsing in ActionPack
There are multiple weaknesses in the parameter parsing code for Ruby on Rails
which could allow attackers to bypass authentication systems, inject arbitrary
SQL, inject an execute arbitrary code, or perform a DoS attack on a rails
application. This vulnerability has been assigned the CVE identifier
CVE-2013-0156.
Versions Affected: ALL versions
Not affected: NONE
Fixed Versions: 3.2.11, 3.1.10, 3.0.19, 2.3.15
Impact
The XML parameter parsing code of Ruby on Rails allows applications to
automatically to cast values from strings to certain data types.
Unfortunately the type casting code supported c
http://www.us-cert.gov/cas/techalerts/TA12-045A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14781http://www.us-cert.gov/cas/techalerts/TA12-045A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14781
2012-02-14
Published