CVE-2012-4359

Name of the Vulnerable Software and Affected Versions Sielco Sistemi Winlog Pro SCADA versions prior to 2.07.18 Sielco Sistemi Winlog Lite SCADA versions prior to 2.07.18

Description The issue is related to the lack of validation of the return value of the realloc function, which can be exploited by remote attackers. This can be achieved by sending a crafted TCP packet to port 46824 with a negative integer after the opcode, potentially causing a denial of service due to an invalid 0x00 write operation and daemon crash. There may be other unspecified impacts.

Recommendations For Sielco Sistemi Winlog Pro SCADA versions prior to 2.07.18, update to version 2.07.18 or later. For Sielco Sistemi Winlog Lite SCADA versions prior to 2.07.18, update to version 2.07.18 or later.