CVE-2012-0190

Name of the Vulnerable Software and Affected Versions IBM SPSS Dimensions version 5.5 SPSS Data Collection versions 5.6 through 6.0.1

Description The issue allows remote attackers to execute arbitrary code via a crafted HTML document, exploiting an unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll.

Recommendations For IBM SPSS Dimensions version 5.5, update to a version that fixes the issue in the ExportHTML.dll ActiveX control. For SPSS Data Collection versions 5.6 through 6.0.1, update to a version that fixes the issue in the ExportHTML.dll ActiveX control. As a temporary workaround, consider disabling the Render method in the ExportHTML.ocx ActiveX control until a patch is available.