← Back

CVE-2012-5769

nvd nist
Published: Jan 1, 2013Modified: Apr 29, 2026

JSON object

Loading...
5.8
Vector
AV:N/AC:M/Au:N/C:P/I:N/A:P
Exploitability: 8.6 / Impact: 4.9
Source: NVD

Description

IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

Affected (12)

Products: Ibm: Spss Modeler
Ibm
1 product
Spss Modeler
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Spss Modeler
Version 14.0.0.0
Spss Modeler
Version 14.0.0.1
Spss Modeler
Version 14.0.0.2
Spss Modeler
Version 14.1.0.0
Spss Modeler
Version 14.1.0.1
Spss Modeler
Version 14.1.0.2
Spss Modeler
Version 14.2.0.0
Spss Modeler
Version 14.2.0.1
Spss Modeler
Version 14.2.0.2
Spss Modeler
Version 14.2.0.3
Spss Modeler
Version 15.0.0.0
Spss Modeler
Version 15.0.0.1

References (8)

Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.