Lucene search

K
nvd[email protected]NVD:CVE-2012-5946
HistoryApr 30, 2013 - 3:33 a.m.

CVE-2012-5946

2013-04-3003:33:41
CWE-119
web.nvd.nist.gov
5

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.965

Percentile

99.6%

Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string.

Affected configurations

Nvd
Node
ibmspss_samplepowerMatch3.0.0.0
VendorProductVersionCPE
ibmspss_samplepower3.0.0.0cpe:2.3:a:ibm:spss_samplepower:3.0.0.0:*:*:*:*:*:*:*

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.965

Percentile

99.6%