Lucene search

K
cve[email protected]CVE-2012-4359
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4359

2022-10-0316:15:32
CWE-20
web.nvd.nist.gov
23
sielco sistemi
winlog pro
winlog lite
scada
cve-2012-4359
vulnerability
denial of service
remote attack

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%

Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358.

Affected configurations

NVD
Node
sielcosistemiwinlog_proRange2.07.17
OR
sielcosistemiwinlog_proMatch2.06.00
OR
sielcosistemiwinlog_proMatch2.06.03
OR
sielcosistemiwinlog_proMatch2.06.04
OR
sielcosistemiwinlog_proMatch2.06.06
OR
sielcosistemiwinlog_proMatch2.06.09
OR
sielcosistemiwinlog_proMatch2.06.10
OR
sielcosistemiwinlog_proMatch2.06.12
OR
sielcosistemiwinlog_proMatch2.06.13
OR
sielcosistemiwinlog_proMatch2.06.14
OR
sielcosistemiwinlog_proMatch2.06.18
OR
sielcosistemiwinlog_proMatch2.06.21
OR
sielcosistemiwinlog_proMatch2.06.24
OR
sielcosistemiwinlog_proMatch2.06.25
OR
sielcosistemiwinlog_proMatch2.06.28
OR
sielcosistemiwinlog_proMatch2.06.40
OR
sielcosistemiwinlog_proMatch2.06.46
OR
sielcosistemiwinlog_proMatch2.06.50
OR
sielcosistemiwinlog_proMatch2.06.60
OR
sielcosistemiwinlog_proMatch2.06.73
OR
sielcosistemiwinlog_proMatch2.06.86
OR
sielcosistemiwinlog_proMatch2.07.00
OR
sielcosistemiwinlog_proMatch2.07.01
OR
sielcosistemiwinlog_proMatch2.07.08
OR
sielcosistemiwinlog_proMatch2.07.09
OR
sielcosistemiwinlog_proMatch2.07.11
OR
sielcosistemiwinlog_proMatch2.07.14
OR
sielcosistemiwinlog_proMatch2.07.16
Node
sielcosistemiwinlog_liteRange2.07.17
OR
sielcosistemiwinlog_liteMatch2.06.00
OR
sielcosistemiwinlog_liteMatch2.06.03
OR
sielcosistemiwinlog_liteMatch2.06.04
OR
sielcosistemiwinlog_liteMatch2.06.06
OR
sielcosistemiwinlog_liteMatch2.06.09
OR
sielcosistemiwinlog_liteMatch2.06.10
OR
sielcosistemiwinlog_liteMatch2.06.12
OR
sielcosistemiwinlog_liteMatch2.06.13
OR
sielcosistemiwinlog_liteMatch2.06.14
OR
sielcosistemiwinlog_liteMatch2.06.18
OR
sielcosistemiwinlog_liteMatch2.06.21
OR
sielcosistemiwinlog_liteMatch2.06.24
OR
sielcosistemiwinlog_liteMatch2.06.25
OR
sielcosistemiwinlog_liteMatch2.06.28
OR
sielcosistemiwinlog_liteMatch2.06.40
OR
sielcosistemiwinlog_liteMatch2.06.46
OR
sielcosistemiwinlog_liteMatch2.06.50
OR
sielcosistemiwinlog_liteMatch2.06.60
OR
sielcosistemiwinlog_liteMatch2.06.73
OR
sielcosistemiwinlog_liteMatch2.06.86
OR
sielcosistemiwinlog_liteMatch2.07.00
OR
sielcosistemiwinlog_liteMatch2.07.01
OR
sielcosistemiwinlog_liteMatch2.07.08
OR
sielcosistemiwinlog_liteMatch2.07.09
OR
sielcosistemiwinlog_liteMatch2.07.11
OR
sielcosistemiwinlog_liteMatch2.07.14
OR
sielcosistemiwinlog_liteMatch2.07.16

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%