Sielco Sistemi Winlog PRO Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with Sielco Sistemi Winlog PRO and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application. Impact Level: System/Application

Solution

Upgrade to Winlog Lite version 2.07.09 or later, For updates refer to http://www.sielcosistemi.com/en/download/public/index.html

Insight

The flaw is due to an unspecified error when processing certain values in project files and can be exploited to cause a buffer overflow by tricking a user into loading a malicious project file.

Affected

Winlog Lite version before 2.07.09

References

http://secunia.com/advisories/47078
http://securitytracker.com/id?1026388
http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4037
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Becky! Internet Mail Buffer Overflow Vulnerability
Adobe Shockwave Player ActiveX Control BOF Vulnerability
Buffer overflow in Apple Quicktime Player
CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)

Sielco Sistemi Winlog PRO Buffer overflow Vulnerability

Take action and discover your vulnerabilities