PT-2014-3928 · Componentone+1 · Vsflex8L Activex Control+1
Published
2014-03-16
·
Updated
2017-08-29
·
CVE-2014-0895
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IBM SPSS SamplePower version 3.0.1
Description
The issue is related to a buffer overflow in the vsflex8l ActiveX control. This can be exploited by remote attackers to execute arbitrary code via a crafted
ComboList property value.Recommendations
For IBM SPSS SamplePower version 3.0.1, apply the fix from FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF02 to resolve the issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Spss Samplepower
Vsflex8L Activex Control