Skip to main content

CVE-2012-5769

Severity Medium
Score 5.8/10

Summary

IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published