CVE-2011-3497

Public exploit
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.
Max CVSS
10.0
EPSS Score
22.12%
Published
2011-09-16
Updated
2012-02-14
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
Max CVSS
10.0
EPSS Score
10.92%
Published
2011-09-16
Updated
2012-02-14
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.
Max CVSS
10.0
EPSS Score
3.31%
Published
2011-09-16
Updated
2012-02-14
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
Max CVSS
10.0
EPSS Score
7.34%
Published
2011-09-16
Updated
2012-02-14
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!