Back to search
CVE-2012-4359
Published: Aug 19, 2012
Modified: Sep 16, 2024
PUBLISHED
Description
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://aluigi.org/adv/winlog_2-adv.txt
x_refsource_MISC
http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf
x_refsource_MISC
49395
third-party-advisory
x_refsource_SECUNIA
http://www.sielcosistemi.com/en/news/index.html?id=70
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now