“SPSS Statistics ActiveX control on Windows 32 bit installations could allow a remote attacker to execute arbitrary code on the system. The vulnerability has been assigned the CVE identifier CVE-2015-0140 and a CVSS score of 4.1. The bug, patched recently by IBM, exists because an ActiveX control parameter is insufficiently sanitized, and it can be exploited by passing malicious code through the problematic parameter. Researchers at Fortinet's FortiGuard Labs have identified an arbitrary code execution vulnerability in IBM SPSS Statistics, the popular statistical analysis solution.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |