CVE-2012-3815

Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html	Exploit
http://secunia.com/advisories/49395	Vendor Advisory
http://securitytracker.com/id?1027128
http://www.osvdb.org/82654
http://www.s3cur1ty.de/m1adv2012-001	Exploit
http://www.securityfocus.com/bid/53811	Exploit
http://www.sielcosistemi.com/en/news/index.html?id=69
http://www.sielcosistemi.com/en/news/index.html?id=70
http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/76060
http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html	Exploit
http://secunia.com/advisories/49395	Vendor Advisory
http://securitytracker.com/id?1027128
http://www.osvdb.org/82654
http://www.s3cur1ty.de/m1adv2012-001	Exploit
http://www.securityfocus.com/bid/53811	Exploit
http://www.sielcosistemi.com/en/news/index.html?id=69
http://www.sielcosistemi.com/en/news/index.html?id=70
http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/76060

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sielcosistemi:winlog_lite::::::::
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.00:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.03:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.04:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.06:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.09:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.10:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.12:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.13:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.14:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.18:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.21:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.24:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.25:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.28:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.40:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.46:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.50:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.60:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.73:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.06.86:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.07.00:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.07.01:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.07.08:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.07.09:::::::*
	cpe:2.3:a:sielcosistemi:winlog_lite:2.07.11:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro::::::::
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.00:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.03:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.04:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.06:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.09:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.10:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.12:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.13:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.14:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.18:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.21:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.24:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.25:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.28:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.40:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.46:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.50:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.60:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.73:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.06.86:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.07.00:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.07.01:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.07.08:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.07.09:::::::*
	cpe:2.3:a:sielcosistemi:winlog_pro:2.07.11:::::::*

History

21 Nov 2024, 01:41

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html - Exploit~~	() http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html - Exploit
References	~~() http://secunia.com/advisories/49395 - Vendor Advisory~~	() http://secunia.com/advisories/49395 - Vendor Advisory
References	~~() http://securitytracker.com/id?1027128 -~~	() http://securitytracker.com/id?1027128 -
References	~~() http://www.osvdb.org/82654 -~~	() http://www.osvdb.org/82654 -
References	~~() http://www.s3cur1ty.de/m1adv2012-001 - Exploit~~	() http://www.s3cur1ty.de/m1adv2012-001 - Exploit
References	~~() http://www.securityfocus.com/bid/53811 - Exploit~~	() http://www.securityfocus.com/bid/53811 - Exploit
References	~~() http://www.sielcosistemi.com/en/news/index.html?id=69 -~~	() http://www.sielcosistemi.com/en/news/index.html?id=69 -
References	~~() http://www.sielcosistemi.com/en/news/index.html?id=70 -~~	() http://www.sielcosistemi.com/en/news/index.html?id=70 -
References	~~() http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf -~~	() http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/76060 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/76060 -

Information

Published : 2012-06-27 21:55

Updated : 2024-11-21 01:41

NVD link : CVE-2012-3815

Mitre link : CVE-2012-3815

CVE.ORG link : CVE-2012-3815

JSON object : View

Products Affected

sielcosistemi

winlog_pro
winlog_lite

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

9.3 /10