Vulnerability Details CVE-2015-8530
Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows remote authenticated users to execute arbitrary code via a long argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.0
References
Products affected by CVE-2015-8530
-
cpe:2.3:a:ibm:spss_statistics:19.0.0.0
-
cpe:2.3:a:ibm:spss_statistics:19.0.0.1
-
cpe:2.3:a:ibm:spss_statistics:19.0.0.2
-
cpe:2.3:a:ibm:spss_statistics:20.0.0.0
-
cpe:2.3:a:ibm:spss_statistics:20.0.0.1
-
cpe:2.3:a:ibm:spss_statistics:21.0.0.0
-
cpe:2.3:a:ibm:spss_statistics:21.0.0.1
-
cpe:2.3:a:ibm:spss_statistics:22.0.0.0
-
cpe:2.3:a:ibm:spss_statistics:22.0.0.1
-
cpe:2.3:a:ibm:spss_statistics:23.0.0.0
-
cpe:2.3:a:ibm:spss_statistics:23.0.0.1
-
cpe:2.3:a:ibm:spss_statistics:23.0.0.2
-
cpe:2.3:a:ibm:spss_statistics:24.0.0.0