Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-4353

Опубликовано: 19 авг. 2012
Источник: nvd
CVSS2: 9.3
EPSS Средний

Описание

Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*
Версия до 2.07.16 (включая)
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:2.07.14:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*
Версия до 2.07.16 (включая)
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_lite:2.07.14:*:*:*:*:*:*:*

EPSS

Процентиль: 94%
0.14776
Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

github логотип

GHSA-j7fr-8w47-9f6w

github
больше 3 лет назад

Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 94%
0.14776
Средний

9.3 Critical

CVSS2

Дефекты

CWE-119