Lucene search

[email protected]CVE-2011-0406

HistoryJan 11, 2011 - 3:00 a.m.

CVE-2011-0406

2011-01-1103:00:06

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-0406

historysvr.exe

wellintech kingview

buffer overflow

remote code execution

tcp port 777

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.544 Medium

EPSS

Percentile

97.7%

JSON

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.

Affected configurations

NVD

Node

wellintechkingviewMatch6.53

CPENameOperatorVersion
wellintech:kingviewwellintech kingvieweq6.53

CPE	Name	Operator	Version
wellintech:kingview	wellintech kingview	eq	6.53

References

osvdb.org/70366

secunia.com/advisories/42851

securityreason.com/securityalert/8134

thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html

www.cnnvd.org.cn/showCnnvd.html?id=2011010108

www.exploit-db.com/exploits/15957

www.kb.cert.org/vuls/id/180119

www.kingview.com/news/detail.aspx?contentid=528

www.securityfocus.com/bid/45727

www.vupen.com/english/advisories/2011/0063

exchange.xforce.ibmcloud.com/vulnerabilities/64559

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.544 Medium

EPSS

Percentile

97.7%

JSON

Related for CVE-2011-0406

cvelist1 prion1 cert1 nvd1 checkpoint_advisories1