Vulnerabilities > Sielcosistemi > Winlog PRO > 2.07.16

DATE CVE VULNERABILITY TITLE RISK
2012-08-19 CVE-2012-4359 Improper Input Validation vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode.
network
sielcosistemi CWE-20
critical
 9.3
9.3
2012-08-19 CVE-2012-4355 Numeric Errors vulnerability in Sielcosistemi Winlog Lite and Winlog PRO
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow.
network
sielcosistemi CWE-189
critical
 9.3
9.3