CVE-2012-3792
published 2012-06-25CVE-2012-3792: Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of…
PriorityP431medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
11.22%
95.4th percentile
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (out-of-bounds read operation) via a crafted packet that triggers a certain Find Node check attempt.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pro-face | pro-server_ex | <= 1.30.000 | — |
| pro-face | pro-server_ex | — | — |
| pro-face | pro-server_ex | — | — |
| pro-face | pro-server_ex | — | — |
| pro-face | wingp_pc_runtime | <= 3.1.00 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Pro-Face Pro-Server EX Vulnerabilities
cisa_ics·2012-05-16
Pro-Face Pro-Server EX Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Pro-Face Pro-Server EX Vulnerabilities
Last RevisedSeptember 06, 2018
Alert CodeICSA-12-179-01
## Overview
This advisory is a follow-up to the alert titled “ICS-ALERT-12-137-01 Pro-face Pro-Server EX Vulnerabilities,” that was published May 16, 2012, on the ICS-CERT Web page.
Independent researcher Luigi Auriemma identified multiple vulnerabilities in the Pro-face Pro-Server EX application and publicly released this information without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT.
The four confirmed vulnerabilities are invalid memo
GHSA
GHSA-8993-m67v-m44q: Pro-face WinGP PC Runtime 3
ghsa_unreviewed·2022-05-17
CVE-2012-3792 [MEDIUM] CWE-119 GHSA-8993-m67v-m44q: Pro-face WinGP PC Runtime 3
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (out-of-bounds read operation) via a crafted packet that triggers a certain Find Node check attempt.
No detection rules found.
No writeups or analysis indexed.
http://aluigi.org/adv/proservrex_1-adv.txthttp://ics-cert.us-cert.gov/advisories/ICSA-12-179-01http://secunia.com/advisories/49172http://www.securityfocus.com/bid/53499https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txthttps://www.hmisource.com/otasuke/news/2012/0606.htmlhttp://aluigi.org/adv/proservrex_1-adv.txthttp://ics-cert.us-cert.gov/advisories/ICSA-12-179-01http://secunia.com/advisories/49172http://www.securityfocus.com/bid/53499https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txthttps://www.hmisource.com/otasuke/news/2012/0606.html
2012-06-25
Published