Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for scx_67 by schneider-electric

    CVE-2011-3144 (GCVE-0-2011-3144)

    Vulnerability from nvd – Published: 2011-08-16 21:00 – Updated: 2024-09-16 20:06
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:22:27.672Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "44955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44955"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
              },
              {
                "name": "72987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/72987"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-08-16T21:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "44955",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44955"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
            },
            {
              "name": "72987",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/72987"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3144",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "44955",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44955"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
                },
                {
                  "name": "72987",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/72987"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
                },
                {
                  "name": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3144",
        "datePublished": "2011-08-16T21:00:00.000Z",
        "dateReserved": "2011-08-16T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:06:32.586Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3143 (GCVE-0-2011-3143)

    Vulnerability from nvd – Published: 2011-08-16 21:00 – Updated: 2024-08-06 23:22
    VLAI
    Summary
    Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-02-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:22:27.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "72989",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/72989"
              },
              {
                "name": "44955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44955"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
              },
              {
                "name": "46312",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46312"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-02-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-25T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "72989",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/72989"
            },
            {
              "name": "44955",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44955"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
            },
            {
              "name": "46312",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46312"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "72989",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/72989"
                },
                {
                  "name": "44955",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44955"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
                },
                {
                  "name": "46312",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46312"
                },
                {
                  "name": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3143",
        "datePublished": "2011-08-16T21:00:00.000Z",
        "dateReserved": "2011-08-16T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:22:27.623Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3143 (GCVE-0-2011-3143)

    Vulnerability from cvelistv5 – Published: 2011-08-16 21:00 – Updated: 2024-08-06 23:22
    VLAI
    Summary
    Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-02-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:22:27.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "72989",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/72989"
              },
              {
                "name": "44955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44955"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
              },
              {
                "name": "46312",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46312"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-02-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-25T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "72989",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/72989"
            },
            {
              "name": "44955",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44955"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
            },
            {
              "name": "46312",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46312"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "72989",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/72989"
                },
                {
                  "name": "44955",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44955"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
                },
                {
                  "name": "46312",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46312"
                },
                {
                  "name": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3143",
        "datePublished": "2011-08-16T21:00:00.000Z",
        "dateReserved": "2011-08-16T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:22:27.623Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3144 (GCVE-0-2011-3144)

    Vulnerability from cvelistv5 – Published: 2011-08-16 21:00 – Updated: 2024-09-16 20:06
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:22:27.672Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "44955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44955"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
              },
              {
                "name": "72987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/72987"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-08-16T21:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "44955",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44955"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
            },
            {
              "name": "72987",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/72987"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3144",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "44955",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44955"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf"
                },
                {
                  "name": "72987",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/72987"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf"
                },
                {
                  "name": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3144",
        "datePublished": "2011-08-16T21:00:00.000Z",
        "dateReserved": "2011-08-16T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:06:32.586Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }