Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3794

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-3794
Last Modified 20 May 2013 11:19:25
Published 25 Jun 2012 01:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3794

Summary

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large amount of memory.

Vulnerable Systems

Application

  • Pro-face Pro-server Ex 1.21.000

  • Pro-face Pro-server Ex 1.23.000

  • Pro-face Pro-server Ex 1.24.200

  • Pro-face Pro-server Ex 1.30.000

  • Pro-face Wingp Pc Runtime 3.1.00


References

CONFIRM - https://www.hmisource.com/otasuke/news/2012/0606.html

CONFIRM - https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt

MISC - http://aluigi.org/adv/proservrex_1-adv.txt

XF - proserverex-exception-dos(75551)

BID - 53499

SECUNIA - 49172

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01


Last Updated: 27 May 2016 10:56:34