Summary
This host is installed with Sielco Sistemi Winlog PRO and is prone to a buffer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application.
Impact Level: System/Application
Solution
Upgrade to Winlog Lite version 2.07.09 or later.
For updates, refer to http://www.sielcosistemi.com/en/download/public/index.html
Insight
The flaw is due to an unspecified error when processing certain values in project files and can be exploited to cause a buffer overflow by tricking a user into loading a malicious project file.
Affected
Winlog Lite versions before 2.07.09
Severity
Classification
- CVE: CVE-2011-4037
- CVSS Base Score: 9.3
- CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability (Mac OS X)
- Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)
- DATAC RealWin SCADA Server On_FC_CONNECT_FCS_a_FILE Buffer Overflow Vulnerability
- Anzio Web Print Object ActiveX Control Remote BOF Vulnerability
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)