|
|
| |
Credit:
The information has been provided by Andrea Micalizzi aka rgod.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-12-019/
|
| |
Vulnerable Systems:
* IBM SPSS
User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within SetLicenseInfoEx() method exposed by the mraboutb.dll ActiveX Control. String data supplied to the first parameter (strInstallDir) of SetLicenseInfoEx() is copied into a 256 byte global buffer without first checking the string length. This overflow can be exploited to remotely execute arbitrary code on the target system.
Patch Availability:
IBM has issued an update to correct this vulnerability. More details can be found at:
http://www-01.ibm.com/support/docview.wss?uid=swg21577956
CVE Information:
CVE-2012-0188
Disclosure Timeline:
2011-07-20 - Vulnerability reported to vendor
2012-01-30 - Coordinated public release of advisory
|
|
|
