CVE-2012-0188

Опубликовано: 18 янв. 2012

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document.

Ссылки

http://osvdb.org/78329
http://secunia.com/advisories/47565
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21577956
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/72118
http://osvdb.org/78329
http://secunia.com/advisories/47565
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21577956
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/72118

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:spss_data_collection:5.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spss_data_collection:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spss_data_collection:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spss_dimensions:5.5:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06382

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-mx5w-cv3g-w9v3

github

почти 4 года назад