MidnightBSD

Advisories for sielcosistemi

CVE-2011-0517 HIGH

Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sielcosistemi winlog_pro *
CVE-2011-4037 HIGH

Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sielcosistemi winlog_lite 2.06.10
sielcosistemi winlog_lite 2.06.04
sielcosistemi winlog_lite 2.06.06
sielcosistemi winlog_pro 2.06.13
sielcosistemi winlog_lite 2.06.14
sielcosistemi winlog_lite 2.06.86
sielcosistemi winlog_lite 2.06.40
sielcosistemi winlog_lite 2.06.25
sielcosistemi winlog_pro 2.06.25
sielcosistemi winlog_lite 2.06.03
sielcosistemi winlog_pro 2.06.06
sielcosistemi winlog_pro 2.06.24
sielcosistemi winlog_pro 2.06.10
sielcosistemi winlog_lite 2.06.73
sielcosistemi winlog_pro 2.06.12
sielcosistemi winlog_pro 2.06.14
sielcosistemi winlog_pro 2.06.00
sielcosistemi winlog_lite 2.06.60
sielcosistemi winlog_pro 2.06.21
sielcosistemi winlog_lite 2.07.00
sielcosistemi winlog_pro 2.06.04
sielcosistemi winlog_lite 2.06.24
sielcosistemi winlog_lite 2.06.46
sielcosistemi winlog_pro 2.06.18
sielcosistemi winlog_pro 2.06.60
sielcosistemi winlog_lite 2.06.18
sielcosistemi winlog_pro 2.07.01
sielcosistemi winlog_pro 2.06.28
sielcosistemi winlog_pro 2.06.86
sielcosistemi winlog_pro 2.06.46
sielcosistemi winlog_lite 2.06.12
sielcosistemi winlog_lite 2.06.21
sielcosistemi winlog_pro 2.07.00
sielcosistemi winlog_lite 2.06.09
sielcosistemi winlog_lite 2.06.50
sielcosistemi winlog_pro 2.06.09
sielcosistemi winlog_lite 2.06.13
sielcosistemi winlog_lite *
sielcosistemi winlog_pro 2.06.03
sielcosistemi winlog_lite 2.07.01
sielcosistemi winlog_pro 2.06.50
sielcosistemi winlog_lite 2.06.28
sielcosistemi winlog_lite 2.06.00
sielcosistemi winlog_pro *
sielcosistemi winlog_pro 2.06.73
sielcosistemi winlog_pro 2.06.40
CVE-2012-3815 HIGH

Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sielcosistemi winlog_lite 2.06.10
sielcosistemi winlog_lite 2.06.04
sielcosistemi winlog_pro 2.06.13
sielcosistemi winlog_lite 2.06.86
sielcosistemi winlog_lite 2.06.25
sielcosistemi winlog_pro 2.06.24
sielcosistemi winlog_pro 2.06.00
sielcosistemi winlog_lite 2.07.11
sielcosistemi winlog_lite 2.07.00
sielcosistemi winlog_pro 2.06.04
sielcosistemi winlog_lite 2.06.46
sielcosistemi winlog_pro 2.06.18
sielcosistemi winlog_pro 2.07.01
sielcosistemi winlog_pro 2.06.28
sielcosistemi winlog_pro 2.06.46
sielcosistemi winlog_pro 2.07.08
sielcosistemi winlog_lite 2.06.12
sielcosistemi winlog_lite 2.06.50
sielcosistemi winlog_pro 2.06.50
sielcosistemi winlog_lite 2.06.28
sielcosistemi winlog_pro *
sielcosistemi winlog_pro 2.06.73
sielcosistemi winlog_lite 2.06.06
sielcosistemi winlog_lite 2.06.14
sielcosistemi winlog_lite 2.06.40
sielcosistemi winlog_pro 2.06.25
sielcosistemi winlog_lite 2.06.03
sielcosistemi winlog_pro 2.06.06
sielcosistemi winlog_lite 2.07.09
sielcosistemi winlog_pro 2.06.10
sielcosistemi winlog_lite 2.06.73
sielcosistemi winlog_pro 2.06.12
sielcosistemi winlog_pro 2.06.14
sielcosistemi winlog_lite 2.06.60
sielcosistemi winlog_pro 2.06.21
sielcosistemi winlog_lite 2.06.24
sielcosistemi winlog_pro 2.06.60
sielcosistemi winlog_pro 2.07.11
sielcosistemi winlog_lite 2.07.08
sielcosistemi winlog_lite 2.06.18
sielcosistemi winlog_pro 2.06.86
sielcosistemi winlog_pro 2.07.09
sielcosistemi winlog_lite 2.06.21
sielcosistemi winlog_pro 2.07.00
sielcosistemi winlog_lite 2.06.09
sielcosistemi winlog_pro 2.06.09
sielcosistemi winlog_lite 2.06.13
sielcosistemi winlog_lite *
sielcosistemi winlog_pro 2.06.03
sielcosistemi winlog_lite 2.07.01
sielcosistemi winlog_lite 2.06.00
sielcosistemi winlog_pro 2.06.40
CVE-2017-5161 HIGH

An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-427,

Products Affected

Vendor Product Version
sielcosistemi winlog_lite *
sielcosistemi winlog_pro *