CVE-2011-3497 Information

Description

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function possibly related to an insecure exposed method.

Reference

http://aluigi.altervista.org/adv/scadapro_1-adv.txt http://securityreason.com/securityalert/8382 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf