Realflex Realwin vulnerabilities
4 known vulnerabilities affecting realflex/realwin.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2011-1563P2CRITICALCVSS 10.0PoC≤ 2.1v1.06+1 more2011-04-05
CVE-2011-1563 [CRITICAL] CWE-119 CVE-2011-1563: Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.
Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via (1) a long username in an On_FC_CONNECT_FCS_LOGIN packet, and crafted (2) On_FC_CTAGLIST_FCS_CADDTAG, (3) On_FC_CTAGLIST_FCS_CDELTAG, (4) On_FC_CTAGLIST_FCS_ADDTAGMS, (5) On_FC_
nvd
CVE-2010-4142P2CRITICALCVSS 10.0PoCv1.06v2.02010-11-02
CVE-2010-4142 [CRITICAL] CWE-119 CVE-2010-4142: Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote a
Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) SCPC_INITIALIZE, (2) SCPC_INITIALIZE_RF, or (3) SCPC_TXTEVENT packet. NOTE: it was later reported that 1.06 is also affected by one of these requests.
nvd
CVE-2011-1564P2CRITICALCVSS 10.0PoC≤ 2.1v1.06+1 more2011-04-05
CVE-2011-1564 [CRITICAL] CWE-189 CVE-2011-1564: Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) an
Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigger a heap-based buffer overflow.
nvd
CVE-2012-3004P4MEDIUMCVSS 6.9≤ 2.1.12v1.06+2 more2012-09-08
CVE-2012-3004 [MEDIUM] CVE-2012-3004: Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory.
nvd