28 matches found
EUVD-2012-3740
Malware in sbrugna...
Schneider Electric Pro-Face WinGP Arbitrary Code Execution Vulnerability
Pro-Face GP Pro-Server EX is the HMI development software of choice for supporting dedicated and open HMI PC-based solutions. An arbitrary code execution vulnerability exists in Schneider Electric Pro-Face WinGP, which can be exploited by an attacker to force the process to load an arbitrary DLL...
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: Pro-face Pro-Server EX WinGP PC Runtime http://www.profaceamerica.com/cms/resourcelibrary/products/9e3c2a7965a27592/index.html Versions: ProServr = 1.30.000 PCRuntime = 3.1.00 Platforms: Windows Bug: A Find Node invalid memory access ...
CVE-2012-3796
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode...
CVE-2012-3792
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...
CVE-2012-3797
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified...
CVE-2012-3793
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer...
CVE-2012-3794
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large...
CVE-2012-3795
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...
Memory corruption
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified...
Integer overflow
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer...
Code injection
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...
Design/Logic Flaw
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large...
Out-of-bounds
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...
CVE-2012-3796
Pro-face WinGP PC Runtime 3.1.00 and earlier and Pro-face Pro-Server EX 1.30.000 and earlier are affected by CVE-2012-3796, which allows remote attackers to obtain sensitive information from daemon memory by sending a crafted packet with a specific opcode. The issue is described as an information...
CVE-2012-3795
CVE-2012-3795 affects Pro-face WinGP PC Runtime ≤3.1.00 and Pro-face Pro-Server EX ≤1.30.00 (ProServr.exe). A crafted network packet with a specific opcode and an oversized size field can trigger an out-of-bounds/write condition, causing a remote denial of service (daemon crash). Public details d...
CVE-2012-3796
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode...
CVE-2012-3792
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...
CVE-2012-3797
CVE-2012-3797 affects Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier. The root cause is improper validation of packet sizes before reusing packet memory buffers, enabling a remote attacker to cause a denial of service via heap memory ...
CVE-2012-3795
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service daemon crash via a crafted packet with a certain opcode and a large value in a size field...