Vulnerabilities > CVE-2012-4354 - Numeric Errors vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | sielco sistemi winlog 2.07.16 - Multiple Vulnerabilities. CVE-2012-3815,CVE-2012-4353,CVE-2012-4354,CVE-2012-4355,CVE-2012-4356,CVE-2012-4357. Dos exploit fo... |
id | EDB-ID:19409 |
last seen | 2016-02-02 |
modified | 2012-06-27 |
published | 2012-06-27 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/19409/ |
title | sielco sistemi winlog 2.07.16 - Multiple Vulnerabilities |