ActiveX Control Vulnerability in IBM SPSS Dimensions and Data Collection
CVE-2012-0190

Currently unrated

Key Information:

Vendor: IBM
Status: Spss Data Collection; Spss Dimensions
Vendor: CVE Published:; 18 January 2012

Summary

An unspecified vulnerability in the Render method of the ExportHTML.ocx ActiveX control, located in ExportHTML.dll, affects specific versions of IBM SPSS Dimensions and Data Collection products. This flaw enables remote attackers to execute arbitrary code by exploiting specially crafted HTML documents, posing serious risks to system security.

References

http://secunia.com/advisories/47565

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/72121

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21577956

x_refsource_CONFIRM

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 18, 2012
Vulnerability Reserved
Dec 14, 2011