QwikSec

Security Database

CVE

CWE

Training

CVE-2011-3143

Published: Aug 16, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf

x_refsource_MISC

http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf

x_refsource_MISC

vdb-entry

x_refsource_BID

http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.