N/A

TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.

N/A

N/A

Sielco Sistemi Winlog Pro SCADA/Winlog Lite SCADA 缓冲区溢出漏洞

Winlog Pro是管理工业和民用工厂的SCADA/HMI软件包。 Sielco Sistemi Winlog Pro SCADA 2.07.18之前版本和Winlog Lite SCADA 2.07.18之前版本中的TCPIPS_Story.dll中存在漏洞。远程攻击者可利用该漏洞通过TCP 46824端口带有操作码之后的特制的负整数数据包执行任意代码，触发不正确函数指针处理导致缓冲区溢出。

N/A

N/A