CVE-2011-3143

2011-08-1621:00:00

mitre

www.cve.org

7.9 High

AI Score

Confidence

High

0.081 Low

EPSS

Percentile

94.4%

JSON

Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.

References

secunia.com/advisories/44955

www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/

www.osvdb.org/72989

www.securityfocus.com/bid/46312

www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf

www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf