Security Bulletin: IBM SPSS SamplePower Vsflex8l ActiveX control vulnerability (CVE-2012-5945)

Abstract There is a security vulnerability with the Vsflex8l ActiveX control shipped by IBM SPSS SamplePower Version 3. The vulnerability allows remote attackers to execute arbitrary code on installations of SamplePower when the control is invoked as ActiveX by Microsoft Internet Explorer. Conten...

IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS SamplePower. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the IBM SPS...

IBM SPSS SamplePower vsflex8l ActiveX控件缓冲区溢出漏洞

CVE ID：CVE-2014-0895 IBM SPSS SamplePower是美国IBM公司的一套统计分析软件。 IBM SPSS SamplePower vsflex8l ActiveX控件中存在缓冲区溢出漏洞。远程攻击可借助特制的ComboList属性值利用该漏洞执行任意代码。 0 IBM SPSS SamplePower 3.0.1 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www-01.ibm.com/support/docview.wss?uid=swg21666790...

IBM SPSS SamplePower 3.0.1 < 3.0.1 IF2 vsflex8l ActiveX Control Remote Code Execution

The remote Windows host has a version of IBM SPSS SamplePower 3.0.1 prior to Interim Fix 2. It is, therefore, affected by a remote code execution vulnerability related to a flaw in the vsflex8l ActiveX control. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73102;...

CVE-2014-0895

IBM SPSS SamplePower 3.0.1 (Windows) is affected by CVE-2014-0895 due to a buffer overflow in the vsflex8l ActiveX control’s ComboList property, enabling remote code execution. The vulnerability affects the ActiveX control shipped with SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF0...

CVE-2014-0895

Buffer overflow in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF02 allows remote attackers to execute arbitrary code via a crafted ComboList property value...

Code injection

Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value...

CVE-2013-6724

Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value...

IBM SPSS SamplePower Vsflex8l ActiveX Control Buffer Overflow (CVE-2012-5945)

A code execution vulnerability exists in the VsVIEW6.ocxActiveX control, which is shipped as part of IBM SPSS SamplePower...

CVE-2012-5945

Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long 1 ComboList or 2 ColComboList property value...