12 matches found
CVE-2012-5947
Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2012-5945
Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long 1 ComboList or 2 ColComboList property value...
Buffer overflow
Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long 1 ComboList or 2 ColComboList property value...
Buffer overflow
Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors...
Buffer overflow
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string...
CVE-2012-5947
IBM SPSS SamplePower 3.0 contains a vsflex7l ActiveX control vulnerability (CVE-2012-5947) that enables remote code execution when the control is invoked by Internet Explorer. The issue arises from insufficient input validation in the ActiveX component, allowing memory corruption and arbitrary co...
CVE-2012-5945
The CVE-2012-5945 issue affects IBM SPSS SamplePower for Windows (Version 3.0) through the Vsflex8l ActiveX control. The root cause is a buffer overflow in the Vsflex8l ActiveX control triggered when a long string is assigned to the ComboList or ColComboList properties, enabling remote code execu...
CVE-2012-5946
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string...
CVE-2012-5946
CVE-2012-5946 affects IBM SPSS SamplePower 3.0 (c1sizer.ocx) where the C1Tab ActiveX control triggers a heap/buffer overflow when handling the TabCaption string, allowing remote code execution. The IBM advisory details that the overflow occurs due to unsafe concatenation (lstrcatA) in TabCaption ...
Design/Logic Flaw
Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS SamplePower 3.0 before 3.0-IM-S3SAMPC-WIN32-FP001 allows remote attackers to execute arbitrary code via unknown vectors...
Hardcoded credentials
Multiple unspecified vulnerabilities in the 1 PrintFile and 2 SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document...
CVE-2012-0189
IBM SPSS SamplePower 3.0 on Windows is affected by CVE-2012-0189 in the VsVIEW6.ocx ActiveX control (SaveDoc method). The vulnerability allows remote code execution when the ActiveX control is instantiated from Internet Explorer; exploitation requires user interaction (visiting a malicious page o...