EUVD-2012-0227

Malware in sbrugna...

EUVD-2013-0604

Malware in sbrugna...

Security Bulletin: IBM SPSS SamplePower c1sizer ActiveX control vulnerability (CVE-2012-5946)

Abstract There is a security vulnerability with the c1sizer ActiveX control shipped by IBM SPSS SamplePower Version 3. The vulnerability allow remote attackers to execute arbitrary code on installations of SamplePower when the control is invoked as ActiveX by Microsoft Internet Explorer. Content...

Security Bulletin: IBM SPSS SamplePower Vsflex8l ActiveX control vulnerability (CVE-2012-5945)

Abstract There is a security vulnerability with the Vsflex8l ActiveX control shipped by IBM SPSS SamplePower Version 3. The vulnerability allows remote attackers to execute arbitrary code on installations of SamplePower when the control is invoked as ActiveX by Microsoft Internet Explorer. Conten...

Security Bulletin: IBM SPSS SamplePower olch2x32 ActiveX control vulnerability (CVE-2013-0593)

Abstract There is a security vulnerability with the olch2x32 ActiveX control shipped by IBM SPSS SamplePower Version 3. The vulnerability allows remote attackers to execute arbitrary code on installations of SamplePower when the control is invoked as ActiveX by Microsoft Internet Explorer. Conten...

Security Bulletin: IBM SPSS SamplePower vsflex7l ActiveX control vulnerability (CVE-2012-5947)

Abstract There is a security vulnerability with the vsflex7l ActiveX control shipped by IBM SPSS SamplePower Version 3. The vulnerability allows remote attackers to execute arbitrary code on installations of SamplePower when the control is invoked as ActiveX by Microsoft Internet Explorer. Conten...

Security Bulletin: IBM SPSS SamplePower vsview6 ActiveX Control vulnerabilities (CVE-2012-0189)

Abstract There are multiple security vulnerabilities with the VsVIEW6 ActiveX control shipped by IBM SPSS SamplePower Version 3. The vulnerabilities allow remote attackers to execute arbitrary code on installations of SamplePower when the control is invoked as ActiveX by Microsoft Internet...

Security Bulletin: IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability (CVE-2013-6724)

Summary There is security vulnerability with an ActiveX control shipped by IBM SPSS SamplePower Version 3.0.1. This is corrected in IBM SPSS SamplePower 3.0.1 IF1. Vulnerability Details VULNERABILITY DETAILS: CVE IDs: CVE-2013-6724 DESCRIPTION: The latest available Interim Fix installer for IBM...

Security Bulletin: IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability (CVE-2014-0895)

Summary There is security vulnerability with an ActiveX control shipped by IBM SPSS SamplePower Version 3.0.1. This is corrected in the IBM SPSS SamplePower product Interim Fix. Vulnerability Details VULNERABILITY DETAILS: CVE IDs: CVE-2014-0895 DESCRIPTION: The latest available Interim Fix...

IBM SPSS SamplePower C1Tab ActiveX Heap Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS SamplePower. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the IBM SPS...

IBM SPSS SamplePower vsflex8l ActiveX控件缓冲区溢出漏洞

CVE ID：CVE-2014-0895 IBM SPSS SamplePower是美国IBM公司的一套统计分析软件。 IBM SPSS SamplePower vsflex8l ActiveX控件中存在缓冲区溢出漏洞。远程攻击可借助特制的ComboList属性值利用该漏洞执行任意代码。 0 IBM SPSS SamplePower 3.0.1 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www-01.ibm.com/support/docview.wss?uid=swg21666790...

IBM SPSS SamplePower 3.0.1 < 3.0.1 IF2 vsflex8l ActiveX Control Remote Code Execution

The remote Windows host has a version of IBM SPSS SamplePower 3.0.1 prior to Interim Fix 2. It is, therefore, affected by a remote code execution vulnerability related to a flaw in the vsflex8l ActiveX control. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73102;...

CVE-2014-0895

Buffer overflow in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF02 allows remote attackers to execute arbitrary code via a crafted ComboList property value...

Buffer overflow

Buffer overflow in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF02 allows remote attackers to execute arbitrary code via a crafted ComboList property value...

CVE-2014-0895

IBM SPSS SamplePower 3.0.1 (Windows) is affected by CVE-2014-0895 due to a buffer overflow in the vsflex8l ActiveX control’s ComboList property, enabling remote code execution. The vulnerability affects the ActiveX control shipped with SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF0...

KLA10207 ACE vulnerability in IBM SPSS SamplePower

A buffer overflow was found in the IBM SPSS SamplePower. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed ComboList. Original advisories - Related products IBM-SPSS-SamplePower CVE list CVE-2014-0895...

IBM SPSS SamplePower 3.0.1 < 3.0.1 IF1 ActiveX Control Remote Code Execution

The remote Windows host has a version of IBM SPSS SamplePower 3.0.1 prior to Interim Fix 1. It is, therefore, affected by a remote code execution vulnerability related to a flaw in the 'Vsflex8l.ocx' ActiveX control. C Tenable Network Security, Inc. include"compat.inc"; if description...

Code injection

Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value...

CVE-2013-6724

CVE-2013-6724 affects IBM SPSS SamplePower for Windows v3.0.1 through FP1; the vulnerability resides in the vsflex8l ActiveX control (VSFlexGrid8.VSFlexGridL) with the ComboList/ColComboList data handling, allowing remote code execution via a crafted value. IBM notes a fix in SamplePower 3.0.1 FP...