Vulnerabilities > CVE-2012-4355 - Numeric Errors vulnerability in Sielcosistemi Winlog Lite and Winlog PRO

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sielcosistemi
CWE-189
exploit available
NVD
Published: 2012-08-19
Updated: 2012-08-20

Summary

TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.

Vulnerable Configurations

Part Description Count
Application
Sielcosistemi
55

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionsielco sistemi winlog 2.07.16 - Multiple Vulnerabilities. CVE-2012-3815,CVE-2012-4353,CVE-2012-4354,CVE-2012-4355,CVE-2012-4356,CVE-2012-4357. Dos exploit fo...
idEDB-ID:19409
last seen2016-02-02
modified2012-06-27
published2012-06-27
reporterLuigi Auriemma
sourcehttps://www.exploit-db.com/download/19409/
titlesielco sistemi winlog 2.07.16 - Multiple Vulnerabilities

References