Buffer Overflow Vulnerability in IBM SPSS SamplePower Product
CVE-2012-5946

Currently unrated

Key Information:

Vendor: IBM
Status: Spss Samplepower
Vendor: CVE Published:; 30 April 2013

Summary

A vulnerability exists in the c1sizer ActiveX control within IBM SPSS SamplePower 3.0 prior to FP1 that enables remote attackers to exploit a buffer overflow condition. This can occur through the TabCaption string, which, if excessively long, could lead to arbitrary code execution on the target system. Ensuring your systems are updated to the latest version can mitigate this risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21635476

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/80562

vdb-entryx_refsource_XF

EPSS Score

67% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 30, 2013
Vulnerability Reserved
Nov 21, 2012