Vulnerabilities > Sielcosistemi > Winlog PRO > 2.07.16
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-19 | CVE-2012-4359 | Improper Input Validation vulnerability in Sielcosistemi Winlog Lite and Winlog PRO Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. | 9.3 |
2012-08-19 | CVE-2012-4355 | Numeric Errors vulnerability in Sielcosistemi Winlog Lite and Winlog PRO TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. | 9.3 |