Ixia ATI Research Center Discovers Zero-Day IBM SPSS Statistics Vulnerability
Ixia’s ATI Research Center recently discovered a previously unknown buffer overflow vulnerability in IBM SPSS Statistics. The vulnerability is due to improper validation of an argument to the Initialize function and could allow a remote attacker to execute code in the context of the targeted user.
IBM SPSS Statistics Overview
IBM SPSS Statistics is an integrated family of products that addresses the entire analytical process, from planning to data collection to analysis, reporting, and deployment.
- An ActiveX control buffer overflow vulnerability, CVE-2015-8530, in IBM SPSS Statistics 20 through 24
- IBM has issued a patch, available here
- Ixia BreakingPoint PoC strike released in ATI-2016-10, available here
- Ixia BPS Advisory, available here
A buffer overflow vulnerability exists in IBM SPSS Statistics versions 20 through 24. The vulnerability is due to improper validation of an argument to the Initialize function of an ActiveX control shipped with the product. A remote attacker could exploit it by enticing a user with the vulnerable software installed to open a crafted web page that instantiates the control. Successful exploitation could lead to code execution in the context of the targeted user. Until the patch is applied, the usual mitigation for browser-reachable ActiveX bugs applies: prevent the control from loading in the browser (kill bit or ActiveX restrictions), since the attack depends on the browser instantiating it.
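The bug class behind this advisory, as an added illustration that is neither IBM's code nor Ixia's PoC strike: an Initialize-style method that copies a caller-controlled argument into a fixed-size field without checking its length, shown beside the bounded version. The object layout, field sizes, and function names here are assumptions made for the demo; the real control's internals are not described on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical object layout for an ActiveX-style control: a fixed 32-byte
 * string field immediately followed by a 32-bit state word. The real IBM
 * SPSS control's layout is not public; this is an illustrative model only.
 * The object is a single byte arena so that the over-long copy below stays
 * inside one C object (no undefined behaviour) while still landing on the
 * adjacent field, which is what a field-level overflow does in practice. */
#define NAME_LEN  32
#define STATE_OFF NAME_LEN
#define OBJ_SIZE  (NAME_LEN + sizeof(uint32_t))

typedef struct { unsigned char mem[OBJ_SIZE]; } ctl_t;

static uint32_t ctl_state(const ctl_t *c)
{
    uint32_t v;
    memcpy(&v, c->mem + STATE_OFF, sizeof v);
    return v;
}

static void ctl_set_state(ctl_t *c, uint32_t v)
{
    memcpy(c->mem + STATE_OFF, &v, sizeof v);
}

/* Vulnerable pattern: Initialize trusts the caller-supplied length and
 * copies the argument into the fixed-size name field. The only guard is
 * against leaving the arena, which exists solely to keep the demo
 * well-defined; the field-size check that matters is missing. */
int initialize_unchecked(ctl_t *c, const unsigned char *arg, size_t len)
{
    if (arg == NULL || len > OBJ_SIZE)
        return -1;
    memcpy(c->mem, arg, len);            /* len > NAME_LEN overwrites state */
    return 0;
}

/* Hardened form: reject anything that does not fit the field (leaving room
 * for a terminator), so a caller-controlled length can never reach
 * neighbouring memory. */
int initialize_checked(ctl_t *c, const unsigned char *arg, size_t len)
{
    if (arg == NULL || len >= NAME_LEN)
        return -1;
    memcpy(c->mem, arg, len);
    c->mem[len] = 0;
    return 0;
}

/* Run one Initialize implementation against a constructed argument of
 * `len` bytes of 'A' and report the state word afterwards. The state is
 * preset to 1; if it reads back as 0x41414141 the copy clobbered it. */
int run_initialize(int (*init)(ctl_t *, const unsigned char *, size_t),
                   size_t len, uint32_t *state_out)
{
    unsigned char arg[OBJ_SIZE];
    ctl_t c;
    int rc;

    memset(arg, 'A', sizeof arg);        /* constructed attacker input */
    memset(&c, 0, sizeof c);
    ctl_set_state(&c, 1u);
    rc = init(&c, arg, len);
    *state_out = ctl_state(&c);
    return rc;
}

int main(void)
{
    uint32_t s;
    int rc = run_initialize(initialize_unchecked, OBJ_SIZE, &s);
    printf("unchecked: rc=%d state=0x%08x\n", rc, (unsigned)s);
    rc = run_initialize(initialize_checked, OBJ_SIZE, &s);
    printf("checked:   rc=%d state=0x%08x\n", rc, (unsigned)s);
    return 0;
}
```

With a 36-byte argument the unchecked version returns success and the state word reads back as 0x41414141, which is the attacker's bytes now occupying data the control relies on; the checked version refuses the call and the state word is untouched. In a real control the field that gets clobbered is whatever sits next to the buffer (a vtable pointer, a length, a saved return address), which is how an improperly validated argument becomes code execution.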
Leverage Subscription Service to Stay Ahead of Attacks
The Ixia BreakingPoint Application and Threat Intelligence (ATI) Subscription provides bi-weekly updates of the latest application protocols and attacks for use with Ixia platforms.