Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
RCE
IBM
Spss Samplepower
NVD
CVSS 2.0
9.3
EPSS
4.5%