[Forgot Password]
Login  Register Subscribe

23631

 
 

123996

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2012-3797

Date: (C)2012-06-25   (M)2015-12-16 


Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECUNIA-49172
BID-53499
http://aluigi.org/adv/proservrex_1-adv.txt
http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01
https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt
https://www.hmisource.com/otasuke/news/2012/0606.html

CWE    1
CWE-119
OVAL    1
oval:org.secpod.oval:def:6329

© 2013 SecPod Technologies