Lucene search

K
cve[email protected]CVE-2011-3143
HistoryAug 16, 2011 - 9:55 p.m.

CVE-2011-3143

2011-08-1621:55:01
CWE-399
web.nvd.nist.gov
25
cve-2011-3143
clearscada
vulnerability
control
microsystems
denial of service
remote attack
heap memory corruption
nvd

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.081 Low

EPSS

Percentile

94.4%

Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.

Affected configurations

NVD
Node
avevaclearscadaMatch2005
OR
avevaclearscadaMatch2007
OR
avevaclearscadaMatch2009
Node
schneider-electricscx_67Range<r4.5
OR
schneider-electricscx_68Range<r3.9

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.081 Low

EPSS

Percentile

94.4%

Related for CVE-2011-3143