Search criteria
30 vulnerabilities found for winlog_lite by sielcosistemi
FKIE_CVE-2017-5161
Vulnerability from fkie_nvd - Published: 2017-02-13 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/96119 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96119 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 | Mitigation, Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sielcosistemi | winlog_lite | * | |
| sielcosistemi | winlog_pro | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03372132-C2BD-471F-A2D0-3CE01A3BB432",
"versionEndIncluding": "3.01.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE1A9F0-0F59-4133-8876-16CF6936ACEC",
"versionEndIncluding": "3.01.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL."
},
{
"lang": "es",
"value": "Ha sido descubierto un problema en Sielco Sistemi Software Winlog Lite SCADA Software, versiones anteriores a la Versi\u00f3n 3.02.01 y Winlog Pro SCADA Software, versiones anteriores a la Versi\u00f3n 3.02.01. Se ha identificado una vulnerabilidad no controlada del elemento de ruta de acceso de b\u00fasqueda (DLL Hijacking). La explotaci\u00f3n de esta vulnerabilidad podr\u00eda dar a un atacante acceso al sistema con el mismo nivel de privilegio que la aplicaci\u00f3n que utiliza la DLL maliciosa."
}
],
"id": "CVE-2017-5161",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-13T21:59:02.830",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96119"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4359
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2D05FC-33E0-41A5-8CF3-32A6B43891FB",
"versionEndIncluding": "2.07.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.16:*:*:*:*:*:*:*",
"matchCriteriaId": "67938DAB-5F41-4277-834B-AECA19C51F4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7AAE9D-258C-45F8-95AD-1B0466B0C964",
"versionEndIncluding": "2.07.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.16:*:*:*:*:*:*:*",
"matchCriteriaId": "824C16BA-A7FA-4396-8AC6-C1F89097B8CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358."
},
{
"lang": "es",
"value": "Sielco Sistemi Winlog Pro SCADA antes de v2.07.18 y Winlog Lite SCADA antes de v2.07.18 no validan el valor de retorno de la funci\u00f3n realloc, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (por operaci\u00f3n de escritura 0x00 no v\u00e1lida y ca\u00edda del demonio) o posiblemente tener un impacto no especificado a trav\u00e9s de un paquete enviado al puerto TCP 46824 con un n\u00famero entero negativo despu\u00e9s del opcode. NOTA: esta vulnerabilidad se debe a un arreglo incompleto del CVE-2012-4358."
}
],
"id": "CVE-2012-4359",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:02.003",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4354
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B4BB2C-EB82-456E-A9CA-72D6C862ECC6",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE55F0A-2038-452C-BF36-D91E0281DCE8",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "TCPIPS_Story.dll en Sielco Sistemi Winlog Pro SCADA antes de v2.07.17 y Winlog Lite SCADA antes de v2.07.17 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un paquete al puerto TCP 46824 con un n\u00famero entero positivo despu\u00e9s del c\u00f3digo de operaci\u00f3n, lo que provoca el procesamiento de un puntero a funcion incorrecto la que puede llevar a un desbordamiento de b\u00fafer. NOTA: algunos de estos detalles han sido obtenidos a partir de informaci\u00f3n de terceros."
}
],
"id": "CVE-2012-4354",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:01.690",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4358
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B4BB2C-EB82-456E-A9CA-72D6C862ECC6",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE55F0A-2038-452C-BF36-D91E0281DCE8",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode."
},
{
"lang": "es",
"value": "Sielco Sistemi Winlog Pro SCADA antes de v2.07.17 y Winlog Lite SCADA antes de v2.07.17 no validan el valor de retorno de la funci\u00f3n realloc, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (mediante una operaci\u00f3n de escritura de 0x00 no v\u00e1lida y la consiguiente ca\u00edda del demonio) o posiblemente tener un impacto no especificado a trav\u00e9s de un paquete enviado al puerto TCP 46824 con un n\u00famero entero positivo tras el c\u00f3digo de operaci\u00f3n."
}
],
"id": "CVE-2012-4358",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:01.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4356
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B4BB2C-EB82-456E-A9CA-72D6C862ECC6",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE55F0A-2038-452C-BF36-D91E0281DCE8",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de salto de directorio en Sielco Sistemi Winlog Pro SCADA antes de v2.07.17 y Winlog Lite SCADA antes de v2.07.17 permiten a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de un paquete al puerto TCP 46824 especificando una operaci\u00f3n de apertura de archivo con c\u00f3digo de operaci\u00f3n 0x78 y un .. (punto punto) en una ruta de acceso, seguida de una operaci\u00f3n de lectura de archivo con c\u00f3digo de operaci\u00f3n (1) 0x96, (2) 0x97 o (3) 0x98."
}
],
"id": "CVE-2012-4356",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:01.863",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4353
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B4BB2C-EB82-456E-A9CA-72D6C862ECC6",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE55F0A-2038-452C-BF36-D91E0281DCE8",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pil\u00f1a en RunTime.exe en Sielco Sistemi Winlog Pro SCADA antes de v2.07.17 y Winlog Lite SCADA antes de v2.7.17 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un puerto paquete al puerto TCP 46824 que provoca un intento incorreto de apertura de un archivo por la funci\u00f3n _TCPIPS_BinOpenFileFP. Se trata de una vulnerabilidad diferente a CVE-2012-3815. NOTA: algunos de estos detalles han sido obtenidos a partir de informaci\u00f3n de terceros."
}
],
"id": "CVE-2012-4353",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:01.440",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4355
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2D05FC-33E0-41A5-8CF3-32A6B43891FB",
"versionEndIncluding": "2.07.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.16:*:*:*:*:*:*:*",
"matchCriteriaId": "67938DAB-5F41-4277-834B-AECA19C51F4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7AAE9D-258C-45F8-95AD-1B0466B0C964",
"versionEndIncluding": "2.07.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.16:*:*:*:*:*:*:*",
"matchCriteriaId": "824C16BA-A7FA-4396-8AC6-C1F89097B8CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354."
},
{
"lang": "es",
"value": "TCPIPS_Story.dll en Sielco Sistemi Winlog Pro SCADA antes de v2.07.18 y Winlog Lite SCADA antes de v2.7.18 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un paquete al puerto TCP 46824 con un n\u00famero entero negativo despu\u00e9s del c\u00f3digo de operaci\u00f3n, lo que provoca el procesamiento de un puntero a funci\u00f3n que puede llevar a un desbordamiento de b\u00fafer. NOTA: algunos de estos detalles han sido obtenidos a partir de informaci\u00f3n de terceros. NOTA: esta vulnerabilidad se debe a un arreglo incompleto del CVE-2012-4354."
}
],
"id": "CVE-2012-4355",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:01.787",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4357
Vulnerability from fkie_nvd - Published: 2012-08-19 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B4BB2C-EB82-456E-A9CA-72D6C862ECC6",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F981871-2AF4-4160-8056-29D8E0F5B900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE55F0A-2038-452C-BF36-D91E0281DCE8",
"versionEndIncluding": "2.07.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*",
"matchCriteriaId": "41350C83-559C-4564-84FB-401917686921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block."
},
{
"lang": "es",
"value": "Un error de \u00edndice de array en Sielco Sistemi Winlog Pro SCADA antes de v2.07.17 y Winlog Lite SCADA antes de v2.7.17 podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una referencia, en un paquete al puerto TCP 46824, a un puntero a fichero inv\u00e1lido que provoca una ejecuci\u00f3n de un bloque de c\u00f3digo EnterCriticalSection."
}
],
"id": "CVE-2012-4357",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-19T20:55:01.910",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-3815
Vulnerability from fkie_nvd - Published: 2012-06-27 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EAB45D-37BD-4EB1-8A59-D905CDED2CC7",
"versionEndIncluding": "2.07.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A05C562A-2760-4541-BD33-CF6B0F3C5E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2B5F48-2ECA-423D-83C1-FA49D8EED361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CFE33-7559-463C-A518-1F9FCBEB82F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8AAFA1-371F-4CCF-8D5B-D85271E61A5F",
"versionEndIncluding": "2.07.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A63BA260-2527-4E92-BB70-B351C3849855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D4377B-FED5-4D0D-AA99-838F4BD79777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0260871D-2CF7-4C7D-B7D1-B985B089190D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en RunTime.exe en Sielco Sistemi Winlog v2.07.14 y anteriores, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un paquete manipulado hacia el puerto TCP 46824."
}
],
"id": "CVE-2012-3815",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-27T21:55:05.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1027128"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/82654"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/53811"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "cve@mitre.org",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"source": "cve@mitre.org",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1027128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/82654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/53811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-4037
Vulnerability from fkie_nvd - Published: 2011-12-22 15:29 - Updated: 2025-04-11 00:51
Severity ?
Summary
Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA8088F-60CE-44B8-B03A-22F374B48698",
"versionEndIncluding": "2.07.08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "47F58C24-BABB-4FC6-95E2-72F7F3211E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "358EA7A5-EC72-4767-B857-FB077EF318DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "210F68AE-1801-4F1C-8456-3388BCA76913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5FFAAC-A327-4BDE-8313-D47CBB5161FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7D7FD6-3B86-42E7-B039-9C3570DB6813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "831D86C8-2C16-435D-A3E7-7E2B3FCABDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "115F4E5E-4C00-4B3E-B34F-6FE0F322E591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "698B9BC0-5F57-4624-AEC6-864B4E4B1CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "564CD457-97F2-436F-9AFD-F9F82A6BD368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7398A76-C1C1-43BF-AFD3-A0B8177B63DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9E5D8-14E0-4506-A08D-97125F643279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30B897-69DB-461C-A382-B7124A809ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "703A4316-7745-46AC-BC36-A110DEA57F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCF347-6E14-4BC8-AA22-6825C68EE67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C7FD60-29C2-40C5-BBD1-5C7426FE17FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD79175-3D49-4951-9F8F-47DDCDCD681D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "30FF1930-4632-4ED2-A135-DE9418AFDDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB19780-F6C7-44C5-8FBE-19A40EF94648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "54739E92-66BF-4A19-881B-DBA335B29967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCEFDF8-178A-42FE-A8D6-7C104E6F2F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "110EDA4F-6790-40CF-846D-11622858A2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "BA670181-0918-41F5-8AAE-684720ACFBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3911B405-D2CA-44A1-BBB8-85C4FF9CC089",
"versionEndIncluding": "2.07.08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF1B03C-54CF-4027-A58B-DFCE4FBA84CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0D672AD8-9A7D-4257-8D1B-A79051F7EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2041DF-7469-4B19-9C58-A776EC09883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7A9FD-CFFF-4D15-9BB0-014984BF390D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4B97C6-1A3C-4D9F-ADD5-EE4D2B3FE6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBFE030-8A5F-478F-8BB0-1FF60C9A49FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16C51DFE-73CA-4961-BC26-F0E285A4AE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*",
"matchCriteriaId": "924BCED2-A2C9-4A7B-9291-C9D1725A23C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9728479C-278D-4E07-8597-DB32223A4E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A146B9C7-2742-4ED7-BB9B-C5C91C23AA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570F84-49C0-44F2-AE08-E5ACC40FDDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBD17A7-8F08-4ECA-B577-3D120B5B72FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEFD13-6D5D-4617-B117-01A8DA34C4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22ED36-2B1A-4D04-86DB-E4CE0EB85DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3B466B-01FA-4D22-B0B0-A2ABBB748BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD7295A-26E9-477B-86C1-8260A1849356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E44368E8-F333-41DF-A210-F03A82436A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2674A1-474A-4976-AE2D-ADEEBED8BB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0D5188-AEA9-427E-9852-FDB14ED5DB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C35A8A7C-49CD-4039-84E0-BF69286E69C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCF41D0-4259-418A-B7BC-BC0A779A990A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9A684E73-28F5-45CB-98C8-D16C14EE2FB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Sielco Sistemi Winlog PRO anteriores a v2.07.09 y Winlog Lite anteriores a v2.07.09 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos inv\u00e1lidos en campos no especificados de un fichero de proyecto."
}
],
"id": "CVE-2011-4037",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-12-22T15:29:19.890",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47078"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1026388"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1026388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-5161 (GCVE-0-2017-5161)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI?
Summary
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.
Severity ?
No CVSS data available.
CWE
- Sielco Sistemi Winlog SCADA Software DLL Hijacking
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01 |
Affected:
Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96119",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sielco Sistemi Winlog SCADA Software DLL Hijacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "96119",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01",
"version": {
"version_data": [
{
"version_value": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sielco Sistemi Winlog SCADA Software DLL Hijacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96119"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5161",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2017-01-03T00:00:00",
"dateUpdated": "2024-08-05T14:55:34.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4354 (GCVE-0-2012-4354)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-16 21:08
VLAI?
Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4354",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T21:08:53.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4356 (GCVE-0-2012-4356)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-16 18:19
VLAI?
Summary
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4356",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4356",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T18:19:09.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4358 (GCVE-0-2012-4358)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-16 17:43
VLAI?
Summary
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4358",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T17:43:02.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4359 (GCVE-0-2012-4359)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-16 19:00
VLAI?
Summary
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=70",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4359",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T19:00:45.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4355 (GCVE-0-2012-4355)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-16 20:21
VLAI?
Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:08.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=70",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4355",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T20:21:45.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4353 (GCVE-0-2012-4353)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-17 00:21
VLAI?
Summary
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4353",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-17T00:21:14.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4357 (GCVE-0-2012-4357)
Vulnerability from cvelistv5 – Published: 2012-08-19 20:00 – Updated: 2024-09-17 03:48
VLAI?
Summary
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:08.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4357",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-17T03:48:07.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3815 (GCVE-0-2012-3815)
Vulnerability from cvelistv5 – Published: 2012-06-27 21:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:03.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "82654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/82654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"name": "1027128",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1027128"
},
{
"name": "winlog-request-bo(76060)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"name": "20120605 Sielco Sistemi Winlog Buffer Overflow \u003c= v2.07.14",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"name": "53811",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "82654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/82654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"name": "1027128",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1027128"
},
{
"name": "winlog-request-bo(76060)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"name": "20120605 Sielco Sistemi Winlog Buffer Overflow \u003c= v2.07.14",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"name": "53811",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "82654",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/82654"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.s3cur1ty.de/m1adv2012-001",
"refsource": "MISC",
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"name": "1027128",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1027128"
},
{
"name": "winlog-request-bo(76060)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"name": "20120605 Sielco Sistemi Winlog Buffer Overflow \u003c= v2.07.14",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=70",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"name": "53811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53811"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3815",
"datePublished": "2012-06-27T21:00:00",
"dateReserved": "2012-06-27T00:00:00",
"dateUpdated": "2024-08-06T20:21:03.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4037 (GCVE-0-2011-4037)
Vulnerability from cvelistv5 – Published: 2011-12-22 15:00 – Updated: 2024-09-16 19:51
VLAI?
Summary
Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:32.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47078",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47078"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name": "1026388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026388"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-12-22T15:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "47078",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47078"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name": "1026388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026388"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47078",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47078"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name": "1026388",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026388"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-4037",
"datePublished": "2011-12-22T15:00:00Z",
"dateReserved": "2011-10-13T00:00:00Z",
"dateUpdated": "2024-09-16T19:51:21.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5161 (GCVE-0-2017-5161)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI?
Summary
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.
Severity ?
No CVSS data available.
CWE
- Sielco Sistemi Winlog SCADA Software DLL Hijacking
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01 |
Affected:
Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96119",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sielco Sistemi Winlog SCADA Software DLL Hijacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "96119",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01",
"version": {
"version_data": [
{
"version_value": "Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sielco Sistemi Winlog SCADA Software DLL Hijacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96119"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5161",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2017-01-03T00:00:00",
"dateUpdated": "2024-08-05T14:55:34.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4354 (GCVE-0-2012-4354)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-16 21:08
VLAI?
Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4354",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T21:08:53.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4356 (GCVE-0-2012-4356)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-16 18:19
VLAI?
Summary
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4356",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4356",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T18:19:09.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4358 (GCVE-0-2012-4358)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-16 17:43
VLAI?
Summary
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4358",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T17:43:02.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4359 (GCVE-0-2012-4359)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-16 19:00
VLAI?
Summary
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=70",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4359",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T19:00:45.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4355 (GCVE-0-2012-4355)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-16 20:21
VLAI?
Summary
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:08.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=70",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4355",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-16T20:21:45.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4353 (GCVE-0-2012-4353)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-17 00:21
VLAI?
Summary
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4353",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-17T00:21:14.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4357 (GCVE-0-2012-4357)
Vulnerability from nvd – Published: 2012-08-19 20:00 – Updated: 2024-09-17 03:48
VLAI?
Summary
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:08.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-19T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/winlog_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/winlog_2-adv.txt"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4357",
"datePublished": "2012-08-19T20:00:00Z",
"dateReserved": "2012-08-19T00:00:00Z",
"dateUpdated": "2024-09-17T03:48:07.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3815 (GCVE-0-2012-3815)
Vulnerability from nvd – Published: 2012-06-27 21:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:03.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "82654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/82654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"name": "1027128",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1027128"
},
{
"name": "winlog-request-bo(76060)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"name": "20120605 Sielco Sistemi Winlog Buffer Overflow \u003c= v2.07.14",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"name": "53811",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "82654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/82654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49395"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"name": "1027128",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1027128"
},
{
"name": "winlog-request-bo(76060)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"name": "20120605 Sielco Sistemi Winlog Buffer Overflow \u003c= v2.07.14",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"name": "53811",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "82654",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/82654"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf"
},
{
"name": "49395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49395"
},
{
"name": "http://www.s3cur1ty.de/m1adv2012-001",
"refsource": "MISC",
"url": "http://www.s3cur1ty.de/m1adv2012-001"
},
{
"name": "1027128",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1027128"
},
{
"name": "winlog-request-bo(76060)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76060"
},
{
"name": "20120605 Sielco Sistemi Winlog Buffer Overflow \u003c= v2.07.14",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=70",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=70"
},
{
"name": "53811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53811"
},
{
"name": "http://www.sielcosistemi.com/en/news/index.html?id=69",
"refsource": "CONFIRM",
"url": "http://www.sielcosistemi.com/en/news/index.html?id=69"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3815",
"datePublished": "2012-06-27T21:00:00",
"dateReserved": "2012-06-27T00:00:00",
"dateUpdated": "2024-08-06T20:21:03.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4037 (GCVE-0-2011-4037)
Vulnerability from nvd – Published: 2011-12-22 15:00 – Updated: 2024-09-16 19:51
VLAI?
Summary
Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:32.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47078",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47078"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name": "1026388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026388"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-12-22T15:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "47078",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47078"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name": "1026388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026388"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47078",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47078"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name": "1026388",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026388"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-4037",
"datePublished": "2011-12-22T15:00:00Z",
"dateReserved": "2011-10-13T00:00:00Z",
"dateUpdated": "2024-09-16T19:51:21.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}