CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
92.3%
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
pro-face | pro-server_ex | * | cpe:2.3:a:pro-face:pro-server_ex:*:*:*:*:*:*:*:* |
pro-face | pro-server_ex | 1.21.000 | cpe:2.3:a:pro-face:pro-server_ex:1.21.000:*:*:*:*:*:*:* |
pro-face | pro-server_ex | 1.23.000 | cpe:2.3:a:pro-face:pro-server_ex:1.23.000:*:*:*:*:*:*:* |
pro-face | pro-server_ex | 1.24.200 | cpe:2.3:a:pro-face:pro-server_ex:1.24.200:*:*:*:*:*:*:* |
pro-face | wingp_pc_runtime | * | cpe:2.3:a:pro-face:wingp_pc_runtime:*:*:*:*:*:*:*:* |
aluigi.org/adv/proservrex_1-adv.txt
ics-cert.us-cert.gov/advisories/ICSA-12-179-01
secunia.com/advisories/49172
www.securityfocus.com/bid/53499
exchange.xforce.ibmcloud.com/vulnerabilities/75547
www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt
www.hmisource.com/otasuke/news/2012/0606.html