CVE-2011-3143 Information

Description

Use-after-free vulnerability in Control Microsystems ClearSCADA 2005 2007 and 2009 before R2.3 and R1.4 as used in SCX before 67 R4.5 and 68 R3.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.

Reference

http://secunia.com/advisories/44955 http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/ http://www.osvdb.org/72989 http://www.securityfocus.com/bid/46312 http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf