Description
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Luigi Auriemma · textdoswindows
https://www.exploit-db.com/exploits/18878
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
https://www.hmisource.com/otasuke/news/2012/0606.html
Various Sources x_refsource_confirm
https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt
Various Sources x_refsource_misc
http://aluigi.org/adv/proservrex_1-adv.txt
Various Sources x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53499
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49172
Scores
EPSS
0.6116
EPSS Percentile
98.3%
Details
CWE
CWE-119
Status
published
Products (5)
pro-face/pro-server_ex
1.21.000
pro-face/pro-server_ex
1.23.000
pro-face/pro-server_ex
1.24.200
pro-face/pro-server_ex
< 1.30.000
pro-face/wingp_pc_runtime
< 3.1.00
Published
Jun 25, 2012
Tracked Since
Feb 18, 2026