Lucene search

IbmCVE-2012-5769

HistoryJan 01, 2013 - 12:35 p.m.

CVE-2012-5769

2013-01-0112:35:14

ibm

web.nvd.nist.gov

ibm

spss modeler

14.0

14.1

14.2

15.0

vulnerability

xml

remote attack

cpu

memory

denial of service

nvd

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

AI Score

Confidence

Low

EPSS

0.006

Percentile

78.2%

JSON

IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

Affected configurations

Nvd

Node

ibmspss_modelerMatch14.0.0.0

ibmspss_modelerMatch14.0.0.1

ibmspss_modelerMatch14.0.0.2

ibmspss_modelerMatch14.1.0.0

ibmspss_modelerMatch14.1.0.1

ibmspss_modelerMatch14.1.0.2

ibmspss_modelerMatch14.2.0.0

ibmspss_modelerMatch14.2.0.1

ibmspss_modelerMatch14.2.0.2

ibmspss_modelerMatch14.2.0.3

ibmspss_modelerMatch15.0.0.0

ibmspss_modelerMatch15.0.0.1

VendorProductVersionCPE
ibmspss_modeler14.0.0.0cpe:2.3:a:ibm:spss_modeler:14.0.0.0:*:*:*:*:*:*:*
ibmspss_modeler14.0.0.1cpe:2.3:a:ibm:spss_modeler:14.0.0.1:*:*:*:*:*:*:*
ibmspss_modeler14.0.0.2cpe:2.3:a:ibm:spss_modeler:14.0.0.2:*:*:*:*:*:*:*
ibmspss_modeler14.1.0.0cpe:2.3:a:ibm:spss_modeler:14.1.0.0:*:*:*:*:*:*:*
ibmspss_modeler14.1.0.1cpe:2.3:a:ibm:spss_modeler:14.1.0.1:*:*:*:*:*:*:*
ibmspss_modeler14.1.0.2cpe:2.3:a:ibm:spss_modeler:14.1.0.2:*:*:*:*:*:*:*
ibmspss_modeler14.2.0.0cpe:2.3:a:ibm:spss_modeler:14.2.0.0:*:*:*:*:*:*:*
ibmspss_modeler14.2.0.1cpe:2.3:a:ibm:spss_modeler:14.2.0.1:*:*:*:*:*:*:*
ibmspss_modeler14.2.0.2cpe:2.3:a:ibm:spss_modeler:14.2.0.2:*:*:*:*:*:*:*
ibmspss_modeler14.2.0.3cpe:2.3:a:ibm:spss_modeler:14.2.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	spss_modeler	14.0.0.0	cpe:2.3:a:ibm:spss_modeler:14.0.0.0:::::::*
ibm	spss_modeler	14.0.0.1	cpe:2.3:a:ibm:spss_modeler:14.0.0.1:::::::*
ibm	spss_modeler	14.0.0.2	cpe:2.3:a:ibm:spss_modeler:14.0.0.2:::::::*
ibm	spss_modeler	14.1.0.0	cpe:2.3:a:ibm:spss_modeler:14.1.0.0:::::::*
ibm	spss_modeler	14.1.0.1	cpe:2.3:a:ibm:spss_modeler:14.1.0.1:::::::*
ibm	spss_modeler	14.1.0.2	cpe:2.3:a:ibm:spss_modeler:14.1.0.2:::::::*
ibm	spss_modeler	14.2.0.0	cpe:2.3:a:ibm:spss_modeler:14.2.0.0:::::::*
ibm	spss_modeler	14.2.0.1	cpe:2.3:a:ibm:spss_modeler:14.2.0.1:::::::*
ibm	spss_modeler	14.2.0.2	cpe:2.3:a:ibm:spss_modeler:14.2.0.2:::::::*
ibm	spss_modeler	14.2.0.3	cpe:2.3:a:ibm:spss_modeler:14.2.0.3:::::::*

Rows per page:

1-10 of 121

References

www-01.ibm.com/support/docview.wss?uid=swg1PM79454

www-01.ibm.com/support/docview.wss?uid=swg21620758

www-01.ibm.com/support/docview.wss?uid=swg24034122

exchange.xforce.ibmcloud.com/vulnerabilities/80316

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

AI Score

Confidence

Low

EPSS

0.006

Percentile

78.2%

JSON

Related for CVE-2012-5769