Vulnerabilities > Sielcosistemi

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2017-5161 Uncontrolled Search Path Element vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01.
network
sielcosistemi CWE-427
critical
9.3
2012-08-19 CVE-2012-4359 Improper Input Validation vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode.
network
sielcosistemi CWE-20
critical
9.3
2012-08-19 CVE-2012-4358 Improper Input Validation vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode.
network
sielcosistemi CWE-20
critical
9.3
2012-08-19 CVE-2012-4357 Improper Input Validation vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
network
sielcosistemi CWE-20
critical
9.3
2012-08-19 CVE-2012-4356 Path Traversal vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a ..
4.3
2012-08-19 CVE-2012-4355 Numeric Errors vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow.
network
sielcosistemi CWE-189
critical
9.3
2012-08-19 CVE-2012-4354 Numeric Errors vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow.
network
sielcosistemi CWE-189
critical
9.3
2012-08-19 CVE-2012-4353 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815.
network
sielcosistemi CWE-119
critical
9.3
2012-06-27 CVE-2012-3815 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824.
network
sielcosistemi CWE-119
critical
9.3
2011-12-22 CVE-2011-4037 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
network
sielcosistemi CWE-119
critical
9.3