Measuresoft ScadaPro Server DLL Code Execution Vulnerability Network Vulnerability

Summary

The host is installed with Measuresoft ScadaPro Server and is prone to code execution vulnerability.

Impact

Successful exploitation will allow attackers to execute arbitrary code on the system via a specially-crafted library. Impact Level: System/Application

Solution

Upgrade to version 4.0.0 or later, For updates refer to http://www.measuresoft.com/download/current_release.aspx

Insight

A flaw exists in the application, which does not directly specify the fully qualified path to a dynamic-linked library.

Affected

Measuresoft ScadaPro Server before 4.0.0

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://www.osvdb.com/82233
http://www.us-cert.gov/control_systems/pdf/ICSA-12-145-01.pdf
http://xforce.iss.net/xforce/xfdb/75860

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1824

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)
Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)

Take action and discover your vulnerabilities