Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5769

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-5769
Last Modified 07 Jan 2013 12:00:00
Published 01 Jan 2013 07:35:14
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5769

Summary

IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

Vulnerable Systems

Application

  • Ibm Spss Modeler 14.0.0.0

  • Ibm Spss Modeler 14.0.0.1

  • Ibm Spss Modeler 14.0.0.2

  • Ibm Spss Modeler 14.1.0.0

  • Ibm Spss Modeler 14.1.0.1

  • Ibm Spss Modeler 14.1.0.2

  • Ibm Spss Modeler 14.2.0.0

  • Ibm Spss Modeler 14.2.0.1

  • Ibm Spss Modeler 14.2.0.2

  • Ibm Spss Modeler 14.2.0.3

  • Ibm Spss Modeler 15.0.0.0

  • Ibm Spss Modeler 15.0.0.1


References

XF - spss-xml-access(80316)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg24034122

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21620758

AIXAPAR - PM79454


Last Updated: 27 May 2016 11:01:30