CVE-2011-3497

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
measuresoftscadapro
𝑥
≤ 4.0.0
measuresoftscadapro
2.1
measuresoftscadapro
2.2
measuresoftscadapro
2.3
measuresoftscadapro
2.4
measuresoftscadapro
2.4.1
measuresoftscadapro
2.4.2
measuresoftscadapro
2.4.3
measuresoftscadapro
2.4.4
measuresoftscadapro
2.4.5
measuresoftscadapro
2.4.6
measuresoftscadapro
2.5
measuresoftscadapro
2.5.1
measuresoftscadapro
2.5.2
measuresoftscadapro
2.5.3
measuresoftscadapro
2.5.4
measuresoftscadapro
2.5.5
measuresoftscadapro
2.6.0
measuresoftscadapro
2.7.0
measuresoftscadapro
2.7.1
measuresoftscadapro
2.7.2
measuresoftscadapro
2.8.0
measuresoftscadapro
2.9.0
measuresoftscadapro
3.1.0
measuresoftscadapro
3.2.8
measuresoftscadapro
3.2.9
measuresoftscadapro
3.3.0
measuresoftscadapro
3.3.1
measuresoftscadapro
3.3.2
measuresoftscadapro
3.9.0
measuresoftscadapro
3.9.1
measuresoftscadapro
3.9.2
measuresoftscadapro
3.9.3
measuresoftscadapro
3.9.4
measuresoftscadapro
3.9.5
measuresoftscadapro
3.9.6
measuresoftscadapro
3.9.7
measuresoftscadapro
3.9.8
measuresoftscadapro
3.9.9
measuresoftscadapro
3.9.10
measuresoftscadapro
3.9.11
measuresoftscadapro
3.9.12
measuresoftscadapro
3.9.13
measuresoftscadapro
3.9.14
measuresoftscadapro
3.9.15
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.altervista.org/adv/scadapro_1-adv.txt
http://securityreason.com/securityalert/8382
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf
http://aluigi.altervista.org/adv/scadapro_1-adv.txt
http://securityreason.com/securityalert/8382
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf