[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Lite SCADA and Winlog Pro SCADA via a port-46824 TCP packet with an invalid file-pointer index

ID: oval:org.secpod.oval:def:6732Date: (C)2012-08-25   (M)2021-06-06
Class: VULNERABILITYFamily: windows




The host is installed with Winlog Lite SCADA or WinLog Pro SCADA before 2.07.17 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a packet specifying a file-open operation with a crafted opcode. Successful exploitation could allow attackers to read arbitrary files.

Platform:
Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product:
Sielco Sistemi Winlog Lite
Sielco Sistemi Winlog Pro
Reference:
CVE-2012-4356
CVE    1
CVE-2012-4356
CPE    54
cpe:/a:sielcosistemi:winlog_pro:2.06.10
cpe:/a:sielcosistemi:winlog_pro:2.06.50
cpe:/a:sielcosistemi:winlog_pro:2.06.18
cpe:/a:sielcosistemi:winlog_pro:2.06.12
...

© SecPod Technologies