CVE-2011-4037
published 2011-12-22CVE-2011-4037: Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via…
PriorityP342critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
4.71%
90.7th percentile
Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
Affected
46 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sielcosistemi | winlog_lite | <= 2.07.08 | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_lite | — | — |
| sielcosistemi | winlog_pro | <= 2.07.08 | — |
| sielcosistemi | winlog_pro | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rg3r-xjvj-536q: Buffer overflow in Sielco Sistemi Winlog PRO before 2
ghsa_unreviewed·2022-05-17
CVE-2011-4037 [HIGH] CWE-119 GHSA-rg3r-xjvj-536q: Buffer overflow in Sielco Sistemi Winlog PRO before 2
Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
CISA ICS
Sielco Sistemi Winlog Buffer Overflow (Update A)
cisa_ics·2013-04-23
Sielco Sistemi Winlog Buffer Overflow (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Sielco Sistemi Winlog Buffer Overflow (Update A)
Last RevisedApril 23, 2013
Alert CodeICSA-11-298-01A
## Overview
ICS-CERT originally released Advisory ICSA-11-298-01P on the US-CERT secure portal on October 25, 2011. This web page release was delayed to allow users time to download and install the update.
Independent researcher Paul Davis has identified a buffer overflow vulnerability in Sielco Sistemi Winlog application. Sielco Sistemi has produced a new release that mitigates this vulnerability. Mr. Davis has indicated to ICS-CERT that he has tested the new release and valid
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2011-12-22
Published