CVE-2011-3495 Information

Description

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read modify or delete arbitrary files via the (1) RF (2) wF (3) UF or (4) NF command.

Reference

http://aluigi.altervista.org/adv/scadapro_1-adv.txt http://securityreason.com/securityalert/8382 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf