CVE-2011-3143

Name of the Vulnerable Software and Affected Versions Control Microsystems ClearSCADA versions 2005 through 2009 before R2.3 and R1.4 SCX versions prior to 67 R4.5 and 68 R3.9

Description The issue is related to a use-after-free vulnerability that can be triggered by remote attackers using unspecified long strings, leading to heap memory corruption. This can cause a denial of service (crash) and potentially allow the execution of arbitrary code.

Recommendations For Control Microsystems ClearSCADA versions 2005 through 2009 before R2.3 and R1.4, update to version R2.3 or R1.4 or later. For SCX versions prior to 67 R4.5 and 68 R3.9, update to version 67 R4.5 or 68 R3.9 or later.