CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
92.2%
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.
Vendor | Product | Version | CPE |
---|---|---|---|
pro-face | pro-server_ex | * | cpe:2.3:a:pro-face:pro-server_ex:*:*:*:*:*:*:*:* |
pro-face | pro-server_ex | 1.21.000 | cpe:2.3:a:pro-face:pro-server_ex:1.21.000:*:*:*:*:*:*:* |
pro-face | pro-server_ex | 1.23.000 | cpe:2.3:a:pro-face:pro-server_ex:1.23.000:*:*:*:*:*:*:* |
pro-face | pro-server_ex | 1.24.200 | cpe:2.3:a:pro-face:pro-server_ex:1.24.200:*:*:*:*:*:*:* |
pro-face | wingp_pc_runtime | * | cpe:2.3:a:pro-face:wingp_pc_runtime:*:*:*:*:*:*:*:* |