Lucene search

[email protected]CVE-2015-0140

HistoryMay 25, 2015 - 2:59 p.m.

CVE-2015-0140

2015-05-2514:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

ibm spss

activex control

remote code execution

cve-2015-0140

nvd

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document.

CPENameOperatorVersion
ibm:spss_statisticsibm spss statisticseq22.0

CPE	Name	Operator	Version
ibm:spss_statistics	ibm spss statistics	eq	22.0

References

www-01.ibm.com/support/docview.wss?uid=swg21697746

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

Related for CVE-2015-0140

ibm1 prion1 cvelist1