1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: IBM SPSS SamplePower CVE-2012-5945

Web Attack: IBM SPSS SamplePower CVE-2012-5945

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempts to exploit a buffer overflow vulnerability in IBM SPSS SamplePower which could result in remote code execution

Additional Information

The application is prone to a buffer-overflow vulnerability because it fails to properly bounds check the data by the 'Vsflex8l.ocx' ActiveX control. Specifically, the issue occurs due to an error when handling the 'ComboList'or 'ColComboList' property.


  • IBM SPSS SamplePower 3.0 is vulnerable; other versions may also be affected.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube