Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3497

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-3497
Last Modified 13 Feb 2012 11:08:47
Published 16 Sep 2011 01:26:14
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3497

Summary

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.

Vulnerable Systems

Application

  • Measuresoft Scadapro 2.1

  • Measuresoft Scadapro 2.2

  • Measuresoft Scadapro 2.3

  • Measuresoft Scadapro 2.4

  • Measuresoft Scadapro 2.4.1

  • Measuresoft Scadapro 2.4.2

  • Measuresoft Scadapro 2.4.3

  • Measuresoft Scadapro 2.4.4

  • Measuresoft Scadapro 2.4.5

  • Measuresoft Scadapro 2.4.6

  • Measuresoft Scadapro 2.5

  • Measuresoft Scadapro 2.5.1

  • Measuresoft Scadapro 2.5.2

  • Measuresoft Scadapro 2.5.3

  • Measuresoft Scadapro 2.5.4

  • Measuresoft Scadapro 2.5.5

  • Measuresoft Scadapro 2.6.0

  • Measuresoft Scadapro 2.7.0

  • Measuresoft Scadapro 2.7.1

  • Measuresoft Scadapro 2.7.2

  • Measuresoft Scadapro 2.8.0

  • Measuresoft Scadapro 2.9.0

  • Measuresoft Scadapro 3.1.0

  • Measuresoft Scadapro 3.2.8

  • Measuresoft Scadapro 3.2.9

  • Measuresoft Scadapro 3.3.0

  • Measuresoft Scadapro 3.3.1

  • Measuresoft Scadapro 3.3.2

  • Measuresoft Scadapro 3.9.0

  • Measuresoft Scadapro 3.9.1

  • Measuresoft Scadapro 3.9.10

  • Measuresoft Scadapro 3.9.11

  • Measuresoft Scadapro 3.9.12

  • Measuresoft Scadapro 3.9.13

  • Measuresoft Scadapro 3.9.14

  • Measuresoft Scadapro 3.9.15

  • Measuresoft Scadapro 3.9.2

  • Measuresoft Scadapro 3.9.3

  • Measuresoft Scadapro 3.9.4

  • Measuresoft Scadapro 3.9.5

  • Measuresoft Scadapro 3.9.6

  • Measuresoft Scadapro 3.9.7

  • Measuresoft Scadapro 3.9.8

  • Measuresoft Scadapro 3.9.9

  • Measuresoft Scadapro 4.0.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf

MISC - http://aluigi.altervista.org/adv/scadapro_1-adv.txt

SREASON - 8382


Last Updated: 27 May 2016 10:57:25