PT-2012-2386 · Ibm · Ibm Spss Data Collection+1

Published

2012-01-18

Updated

2017-08-29

CVE-2012-0188

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM SPSS Dimensions version 5.5 IBM SPSS Data Collection versions 5.6 through 6.0.1

Description The issue allows remote attackers to execute arbitrary code via a crafted HTML document, exploiting an unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll.

Recommendations For IBM SPSS Dimensions version 5.5, update to a version that fixes the SetLicenseInfoEx method vulnerability in the mraboutb.dll ActiveX control. For IBM SPSS Data Collection versions 5.6 through 6.0.1, update to a version that fixes the SetLicenseInfoEx method vulnerability in the mraboutb.dll ActiveX control.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-0188

ZDI-12-019

Affected Products

Ibm Spss Data Collection

Ibm Spss Dimensions

PT-2012-2386 · Ibm · Ibm Spss Data Collection+1

CVE-2012-0188

Related Identifiers

Affected Products

References · 6