Vulnerability Details : CVE-2012-0188
Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document.
Vulnerability category: Execute code
Products affected by CVE-2012-0188
- cpe:2.3:a:ibm:spss_dimensions:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_data_collection:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_data_collection:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_data_collection:6.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-0188
8.59%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-0188
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2012-0188
-
http://secunia.com/advisories/47565
Sign inVendor Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21577956
IBM notice: The page you requested cannot be displayedVendor Advisory
-
http://osvdb.org/78329
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/72118
IBM SPSS Data Collection and SPSS Dimensions (mraboutb.dll) ActiveX control code execution CVE-2012-0188 Vulnerability Report
Jump to