Lucene search

IbmCVE-2012-0189

HistoryJan 18, 2012 - 8:55 p.m.

CVE-2012-0189

2012-01-1820:55:03

ibm

web.nvd.nist.gov

cve-2012-0189

printfile

savedoc

vsview6

activex control

ibm spss samplepower 3.0

remote code execution

html document

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.88

Percentile

98.7%

JSON

Multiple unspecified vulnerabilities in the (1) PrintFile and (2) SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document.

Affected configurations

Nvd

Node

ibmspss_samplepowerMatch3.0

VendorProductVersionCPE
ibmspss_samplepower3.0cpe:2.3:a:ibm:spss_samplepower:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	spss_samplepower	3.0	cpe:2.3:a:ibm:spss_samplepower:3.0:::::::*

References

secunia.com/advisories/47605

www.ibm.com/support/docview.wss?uid=swg21577951

exchange.xforce.ibmcloud.com/vulnerabilities/72119

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.88

Percentile

98.7%

JSON

Related for CVE-2012-0189