152 matches found
CVE-2016-2291
CVE-2016-2291 affects Pro-face GP-Pro EX HMI software (models EX-ED, PFXEXEDV, PFXEXEDLS, PFXEXGRPLS) and is caused by an out-of-bounds read in the affected components before version 4.05.000. The vulnerability allows remote attackers to cause arbitrary code execution or a denial of service. Publ...
CVE-2016-2290
CVE-2016-2290 is a heap-based buffer overflow affecting Pro-face GP-Pro EX and related editors (EX-ED, PFXEXEDV/EDLS/GRPLS) prior to version 4.05.000. The vulnerability allows remote execution of arbitrary code in the affected process due to a heap-buffer overflow, with the NVD reporting a high-s...
Pro-face GP-Pro EX Authentication Bypass Vulnerability
Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. The Pro-face GP-Pro EX has a security vulnerability due to the use of hard-coded certificates by the FTP server. A remote attacker could exploit the vulnerability to access items in the device...
Pro-face GP-Pro EX Heap Buffer Overflow Vulnerability
Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. A heap buffer overflow vulnerability exists in Pro-face GP-Pro EX. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of a process...
Pro-face GP-Pro EX HMI Vulnerabilities
OVERVIEW ZDI Zero Day Initiative has identified one information disclosure and two buffer overflow vulnerabilities, and independent researcher Jeremy Brown has identified hard-coded credentials in Pro-face’s GP-Pro EX HMI software. Pro-face has produced a module to mitigate these vulnerabilities...
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: Pro-face Pro-Server EX WinGP PC Runtime http://www.profaceamerica.com/cms/resourcelibrary/products/9e3c2a7965a27592/index.html Versions: ProServr = 1.30.000 PCRuntime = 3.1.00 Platforms: Windows Bug: A Find Node invalid memory access ...
CVE-2012-3797
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified...
CVE-2012-3796
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode...
CVE-2012-3794
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large...
CVE-2012-3793
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer...
CVE-2012-3792
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...
CVE-2012-3795
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...
Out-of-bounds
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...
Design/Logic Flaw
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large...
Code injection
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...
Integer overflow
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer...
Memory corruption
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified...
CVE-2012-3793
CVE-2012-3793 affects Pro-face WinGP PC Runtime (3.1.00 and earlier) and Pro-face Pro-Server EX (1.30.000 and earlier). The vulnerability stems from an integer overflow that can cause a buffer overflow when processing a crafted packet with a specific opcode, leading to a denial-of-service (daemon...
CVE-2012-3792
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...
CVE-2012-3793
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer...