EUVD-2012-3740

Malware in sbrugna...

Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: Pro-face Pro-Server EX WinGP PC Runtime http://www.profaceamerica.com/cms/resourcelibrary/products/9e3c2a7965a27592/index.html Versions: ProServr = 1.30.000 PCRuntime = 3.1.00 Platforms: Windows Bug: A Find Node invalid memory access ...

CVE-2012-3792

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...

CVE-2012-3795

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...

Integer overflow

Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer...

CVE-2012-3795

CVE-2012-3795 affects Pro-face WinGP PC Runtime ≤3.1.00 and Pro-face Pro-Server EX ≤1.30.00 (ProServr.exe). A crafted network packet with a specific opcode and an oversized size field can trigger an out-of-bounds/write condition, causing a remote denial of service (daemon crash). Public details d...

CVE-2012-3796

Pro-face WinGP PC Runtime 3.1.00 and earlier and Pro-face Pro-Server EX 1.30.000 and earlier are affected by CVE-2012-3796, which allows remote attackers to obtain sensitive information from daemon memory by sending a crafted packet with a specific opcode. The issue is described as an information...

CVE-2012-3795

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...

CVE-2012-3793

CVE-2012-3793 affects Pro-face WinGP PC Runtime (3.1.00 and earlier) and Pro-face Pro-Server EX (1.30.000 and earlier). The vulnerability stems from an integer overflow that can cause a buffer overflow when processing a crafted packet with a specific opcode, leading to a denial-of-service (daemon...

CVE-2012-3792

The vulnerability CVE-2012-3792 affects Pro-face WinGP PC Runtime <= 3.1.00 and Pro-face Pro-Server EX

Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities

Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities Luigi Auriemma Application: Pro-face Pro-Server EX WinGP PC Runtime http://www.profaceamerica.com/cms/resourcelibrary/products/9e3c2a7965a27592/index.html Versions: ProServr = 1.30.000 PCRuntime = 3.1.00 Platforms: Windows Bug: A...

Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities

Luigi Auriemma Application: Pro-face Pro-Server EX WinGP PC Runtime http://www.profaceamerica.com/cms/resourcelibrary/products/9e3c2a7965a27592/index.html Versions: ProServr = 1.30.000 PCRuntime = 3.1.00 Platforms: Windows Bug: A "Find Node" invalid memory access B memset integer overflow C...

Pro-Face Pro-Server EX Vulnerabilities

Overview This advisory is a follow-up to the alert titled “ICS-ALERT-12-137-01 Pro-face Pro-Server EX Vulnerabilities,” that was published May 16, 2012, on the ICS-CERT Web page. Independent researcher Luigi Auriemma identified multiple vulnerabilities in the Pro-face Pro-Server EX application an...