Pro-faceCVEs & Vulnerabilities

6 CVEs affecting Pro-face products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

pro-server ex 24wingp pc runtime 6
CVE-2012-3797CRITICALpoc

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.

25 Jun 2012
10.0
CVSS
CVE-2012-3796MEDIUMpoc

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode.

25 Jun 2012
5.0
CVSS
CVE-2012-3795MEDIUMpoc

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode and a large value in a size field.

25 Jun 2012
5.0
CVSS
CVE-2012-3794MEDIUMpoc

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large amount of memory.

25 Jun 2012
5.0
CVSS
CVE-2012-3793MEDIUMpoc

Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer overflow.

25 Jun 2012
5.0
CVSS
CVE-2012-3792MEDIUMpoc

Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (out-of-bounds read operation) via a crafted packet that triggers a certain Find Node check attempt.

25 Jun 2012
5.0
CVSS
← PrevPage 1 / 1Next →