December 6, 2011 (Updated December 27, 2011)

Independent researcher Paul Davis has identified a buffer overflow vulnerability in Sielco Sistemi Winlog application.

Successful exploitation of this vulnerability could lead to a program crash or arbitrary code execution. This vulnerability is not remotely exploitable and cannot be exploited without user interaction. The exploit is only triggered when a local user runs the vulnerable application and loads the malformed file.

The following Sielco Sistemi products are affected:
-  Winlog Lite versions older than Version 2.07.09 (Demo Version)
-  Winlog PRO versions older than Version 2.07.09

Sielco Sistemi has produced a new release that mitigates this vulnerability. Mr. Davis has validated that it resolves the vulnerability.

ICSA-11-298-01A
ICSA-11-298-01
ICSA-11-298-01P (released on Oct. 25, 2011 via US-CERT secure Portal)

Vendor Home Page
Winlog Product Info
Vendor Patch - Winlog LIte
Vendor Patch - Winlog PRO
Winlog Lite Free Download

No public exploit is available at this time.

CVE-2011-4037
NVD CVE-2011-4037

Secunia Vulnerability Report and Statistics on Winlog 2.x

New Release for Vulnerable SCADA (ISSSource)