Lucene search
Alexander GavrunZDI-13-100HistoryMay 29, 2013 - 12:00 a.m.
IBM SPSS SamplePower C1sizer.ocx ActiveX TabCaption Remote Code Execution Vulnerability
2013-05-2900:00:00
Alexander Gavrun
www.zerodayinitiative.com
16
EPSS
0.965
Percentile
99.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS SamplePower. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the C1sizer.ocx ActiveX Control. This component performs insufficient bounds checking on user-supplied data on the TabCaption property which results in memory corruption. An attacker can leverage this situation to execute code under the context of the user running the browser.
Related
saint
saint
IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability
2013-06-09 00:00:00
IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability
2013-06-09 00:00:00
IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability
2013-06-09 00:00:00
packetstorm
packetstorm
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
2013-05-28 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM SPSS SamplePower c1sizer ActiveX Control Buffer Overflow (CVE-2012-5946)
2013-06-30 00:00:00
prion
prion
Buffer overflow
2013-04-30 03:33:00
metasploit
metasploit
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
2013-05-26 05:21:20
cve
cve
CVE-2012-5946
2013-04-30 03:33:41
nvd
nvd
CVE-2012-5946
2013-04-30 03:33:41
cvelist
cvelist
CVE-2012-5946
2013-04-30 01:00:00
d2
d2
DSquare Exploit Pack: D2SEC_C1SIZER
2013-04-30 03:33:00
exploitdb
exploitdb
IBM SPSS SamplePower C1Tab - ActiveX Heap Overflow (Metasploit)
2013-05-29 00:00:00
zdt
zdt
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow Vulnerability
2013-05-29 00:00:00
ibm
ibm
nessus
nessus
openvas
openvas
IBM SPSS SamplePower Multiple Vulnerabilities (Windows)
2013-05-08 00:00:00
IBM SPSS SamplePower Multiple Vulnerabilities - Windows
2013-05-08 00:00:00