Security Bulletin: IBM SPSS Modeler - XML (CVE-2012-5769)
If an attacker makes a victim open a specially crafted XML document, IBM SPSS Modeler installed on the victim's system could be made to automatically send the contents of local or remote resource to the attacker's server. It could also be possible to conduct denial of service attacks.
Affected product(s) & Affected version(s): Versions 14 through 15.0 of IBM SPSS Modeler running on all supported platforms are affected.
Refer to the following reference URLs for remediation and additional vulnerability details.