CVE-2012-4353

Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815.  NOTE: some of these details are obtained from third party information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
VendorProductVersion
sielcosistemiwinlog_pro
𝑥
≤ 2.07.16
sielcosistemiwinlog_pro
2.06.00
sielcosistemiwinlog_pro
2.06.03
sielcosistemiwinlog_pro
2.06.04
sielcosistemiwinlog_pro
2.06.06
sielcosistemiwinlog_pro
2.06.09
sielcosistemiwinlog_pro
2.06.10
sielcosistemiwinlog_pro
2.06.12
sielcosistemiwinlog_pro
2.06.13
sielcosistemiwinlog_pro
2.06.14
sielcosistemiwinlog_pro
2.06.18
sielcosistemiwinlog_pro
2.06.21
sielcosistemiwinlog_pro
2.06.24
sielcosistemiwinlog_pro
2.06.25
sielcosistemiwinlog_pro
2.06.28
sielcosistemiwinlog_pro
2.06.40
sielcosistemiwinlog_pro
2.06.46
sielcosistemiwinlog_pro
2.06.50
sielcosistemiwinlog_pro
2.06.60
sielcosistemiwinlog_pro
2.06.73
sielcosistemiwinlog_pro
2.06.86
sielcosistemiwinlog_pro
2.07.00
sielcosistemiwinlog_pro
2.07.01
sielcosistemiwinlog_pro
2.07.08
sielcosistemiwinlog_pro
2.07.09
sielcosistemiwinlog_pro
2.07.11
sielcosistemiwinlog_pro
2.07.14
sielcosistemiwinlog_lite
𝑥
≤ 2.07.16
sielcosistemiwinlog_lite
2.06.00
sielcosistemiwinlog_lite
2.06.03
sielcosistemiwinlog_lite
2.06.04
sielcosistemiwinlog_lite
2.06.06
sielcosistemiwinlog_lite
2.06.09
sielcosistemiwinlog_lite
2.06.10
sielcosistemiwinlog_lite
2.06.12
sielcosistemiwinlog_lite
2.06.13
sielcosistemiwinlog_lite
2.06.14
sielcosistemiwinlog_lite
2.06.18
sielcosistemiwinlog_lite
2.06.21
sielcosistemiwinlog_lite
2.06.24
sielcosistemiwinlog_lite
2.06.25
sielcosistemiwinlog_lite
2.06.28
sielcosistemiwinlog_lite
2.06.40
sielcosistemiwinlog_lite
2.06.46
sielcosistemiwinlog_lite
2.06.50
sielcosistemiwinlog_lite
2.06.60
sielcosistemiwinlog_lite
2.06.73
sielcosistemiwinlog_lite
2.06.86
sielcosistemiwinlog_lite
2.07.00
sielcosistemiwinlog_lite
2.07.01
sielcosistemiwinlog_lite
2.07.08
sielcosistemiwinlog_lite
2.07.09
sielcosistemiwinlog_lite
2.07.11
sielcosistemiwinlog_lite
2.07.14
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.org/adv/winlog_2-adv.txt
http://secunia.com/advisories/49395
http://www.sielcosistemi.com/en/news/index.html?id=69
http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf
http://aluigi.org/adv/winlog_2-adv.txt
http://secunia.com/advisories/49395
http://www.sielcosistemi.com/en/news/index.html?id=69
http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf