4 matches found
Security Bulletin: IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability (CVE-2014-0895)
Summary There is security vulnerability with an ActiveX control shipped by IBM SPSS SamplePower Version 3.0.1. This is corrected in the IBM SPSS SamplePower product Interim Fix. Vulnerability Details VULNERABILITY DETAILS: CVE IDs: CVE-2014-0895 DESCRIPTION: The latest available Interim Fix...
IBM SPSS SamplePower vsflex8l ActiveX控件缓冲区溢出漏洞
CVE ID:CVE-2014-0895 IBM SPSS SamplePower是美国IBM公司的一套统计分析软件。 IBM SPSS SamplePower vsflex8l ActiveX控件中存在缓冲区溢出漏洞。远程攻击可借助特制的ComboList属性值利用该漏洞执行任意代码。 0 IBM SPSS SamplePower 3.0.1 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www-01.ibm.com/support/docview.wss?uid=swg21666790...
CVE-2014-0895
IBM SPSS SamplePower 3.0.1 (Windows) is affected by CVE-2014-0895 due to a buffer overflow in the vsflex8l ActiveX control’s ComboList property, enabling remote code execution. The vulnerability affects the ActiveX control shipped with SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF0...
KLA10207 ACE vulnerability in IBM SPSS SamplePower
A buffer overflow was found in the IBM SPSS SamplePower. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed ComboList. Original advisories - Related products IBM-SPSS-SamplePower CVE list CVE-2014-0895...