CVE-2012-4357

Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.

Date published : 2012-08-19

http://www.sielcosistemi.com/en/news/index.html?id=69

http://aluigi.org/adv/winlog_2-adv.txt