Lucene search
K

7 matches found

NVD
NVD
added 2012/08/19 8:55 p.m.23 views

CVE-2012-4356

Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. dot dot in a pathname, followed ...

4.3CVSS6.9AI score0.27488EPSS
Exploits3References4
NVD
NVD
added 2012/08/19 8:55 p.m.26 views

CVE-2012-4357

Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code blo...

9.3CVSS7.7AI score0.07351EPSS
Exploits1References4
Prion
Prion
added 2012/08/19 8:55 p.m.22 views

Integer overflow

TCPIPSStory.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to ...

9.3CVSS8AI score0.08186EPSS
Exploits2References4Affected Software2
Prion
Prion
added 2012/08/19 8:55 p.m.17 views

Buffer overflow

TCPIPSStory.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to ...

9.3CVSS8.1AI score0.08186EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2012/08/19 8:0 p.m.29 views

CVE-2012-4359

Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service invalid 0x00 write operation and daemon crash or possibly have unspecified other impact via a...

7.4AI score0.0252EPSS
Exploits1References4
Cvelist
Cvelist
added 2012/08/19 8:0 p.m.31 views

CVE-2012-4357

Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code blo...

7.7AI score0.07351EPSS
Exploits1References4
Metasploit
Metasploit
added 2012/07/12 11:12 a.m.28 views

Sielco Sistemi Winlog Remote File Access

This module exploits a directory traversal in Sielco Sistemi Winlog. The vulnerability exists in the Runtime.exe service and can be triggered by sending a specially crafted packet to the 46824/TCP port. This module has been successfully tested on Sielco Sistemi Winlog Lite 2.07.14. This module...

4.3CVSS0.5AI score0.27488EPSS
Exploits3
Rows per page
Query Builder