PT-2014-3175 · Ibm+1 · Ibm Spss Samplepower+1

Published

2014-02-01

Updated

2017-08-29

CVE-2013-6724

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM SPSS SamplePower version 3.0.1

Description The issue allows remote attackers to execute arbitrary code via a crafted ComboList property value in the vsflex8l ActiveX control.

Recommendations For version 3.0.1, apply the fix provided in FP1 IF1 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2013-6724

ZDI-14-039

Ibm Spss Samplepower

Vsflex8L Activex Control