Buffer Overflow Vulnerability in Vsflex8l ActiveX Control by IBM
CVE-2012-5945

Currently unrated

Key Information:

Vendor: IBM
Status: Spss Samplepower
Vendor: CVE Published:; 30 April 2013

Summary

Multiple buffer overflows in the Vsflex8l ActiveX control within IBM SPSS SamplePower 3.0 prior to FP1 enable remote attackers to exploit vulnerabilities. Malicious actors can execute arbitrary code by providing excessively long values to the ComboList or ColComboList properties, which can compromise the system's integrity and security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80561

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21635515

x_refsource_CONFIRM

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 30, 2013
Vulnerability Reserved
Nov 21, 2012