9.3
CVE-2011-0517
- EPSS 40.46%
- Veröffentlicht 20.01.2011 19:00:12
- Zuletzt bearbeitet 16.06.2026 23:27:32
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginStack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sielcosistemi ≫ Winlog Pro Version <= 2.07.00
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 40.46% | 0.985 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://aluigi.org/adv/winlog_1-adv.txt
http://osvdb.org/70418
http://secunia.com/advisories/42894
http://securityreason.com/securityalert/8280
http://www.exploit-db.com/exploits/15992
http://www.kb.cert.org/vuls/id/496040
http://www.securityfocus.com/bid/45813
http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf
http://www.vupen.com/english/advisories/2011/0126
https://exchange.xforce.ibmcloud.com/vulnerabilities/64716