48 matches found
EUVD-2017-14270
Malware in sbrugna...
EUVD-2012-4302
Malware in sbrugna...
EUVD-2012-4301
Malware in sbrugna...
CVE-2012-4356
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. dot dot in a pathname, followed ...
CVE-2012-4354
TCPIPSStory.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to ...
CVE-2017-5161
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element DLL Hijacking vulnerability has been identified. Exploitation of this vulnerability could...
CVE-2017-5161
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element DLL Hijacking vulnerability has been identified. Exploitation of this vulnerability could...
CVE-2017-5161
CVE-2017-5161 concerns a DLL hijacking (Uncontrolled Search Path Element) vulnerability in Sielco Sistemi Winlog Lite/Pro SCADA software prior to 3.02.01. The root cause is an uncontrolled search path element that could allow a local attacker to load a malicious DLL and gain the same privileges a...
Sielco Sistemi Winlog Pro/ Winlog Lite DLL Load Local Code Execution Vulnerability
SIELCO SISTEMI Winlog is an application for data acquisition and remote control of SCADA HMI monitoring software. A local code execution vulnerability exists in Sielco Sistemi Winlog Pro and Winlog Lite. An attacker could exploit this vulnerability to execute arbitrary code in the affected...
CVE-2012-4359
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service invalid 0x00 write operation and daemon crash or possibly have unspecified other impact via a...
CVE-2012-4354
TCPIPSStory.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to ...
CVE-2012-4357
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code blo...
CVE-2012-4358
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service invalid 0x00 write operation and daemon crash or possibly have unspecified other impact via a...
CVE-2012-4353
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the TCPIPSBinOpenFileFP function,...
CVE-2012-4355
TCPIPSStory.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to ...
CVE-2012-4356
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. dot dot in a pathname, followed ...
Directory traversal
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. dot dot in a pathname, followed ...
Stack overflow
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the TCPIPSBinOpenFileFP function,...
Buffer overflow
TCPIPSStory.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to ...
Integer overflow
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service invalid 0x00 write operation and daemon crash or possibly have unspecified other impact via a...