Vulnerability Bulletins

IBM Security Bulletin: IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability (CVE-2014-0895)

System information
   
Affected software IBM

Description
There is security vulnerability with an ActiveX control shipped by IBM SPSS SamplePower Version 3.0.1. This is corrected in the IBM SPSS SamplePower product Interim Fix. CVE(s): CVE-2014-0895 Affected product(s) and affected version(s): IBM SPSS SamplePower for Windows V3.0.1 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21666790 X-Force Database:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_spss_samplepower_vsflex8l_activex_control_combolist_property_remote_code_execution_vulnerability_cve_2014_0895?lang=en_us

Standar resources
Property Value
CVE CVE-2014-0895 ,CVE-2014-0904 ,CVE-2013-6724 ,CVE-2013-4002 ,CVE-2013-5825 ,CVE-2013-5372 ,CVE-2014-0416 and CVE-2014-0411.

Version history
Version Comments Date
1.0 Advisory issued 2014-03-12
Ministerio de Defensa
CNI
CCN
CCN-CERT