Where did this script come from? was that part of the raw transaction from the receiving or sending of funds? 
From the spend redeeming the first transaction sent to the address. The script (redeemScript) is the first input.
Quote
Following on from that, is there some sort of weakness in the way that the multisig address has been setup (hence the colour coded 02 and 03?) that might enable one to obtain ownership of the coins?
Maybe
Quote
I'd like to learn more
Awesome! I recommend setting up an indexing(!) testnet node with a command line interface and just start messing with it. In no time you'll learn the names of a bunch of technical terms, and then you'll have keywords to use when searching for something new you wanna learn about.
For example you could run this with your indexing testnet node, and see the script as the bottom item in scriptSig :
bitcoin-cli -testnet getrawtransaction 4c004c3f06f5b76ae3f325cfb26ff305146bda0a3f9e5662462653b41324ac4a 1
Aside from that, I don't want to accidentally drop clues to the answer in case someone is still working on solving this, so I'll stop here