Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_KINGVIEW_6_53_2012-03-22.NBIN
HistoryJun 05, 2012 - 12:00 a.m.

WellinTech KingView 6.53 < 2012-03-22 Multiple Vulnerabilities

2012-06-0500:00:00
This script is Copyright (C) 2012-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.0%

JSON

According to its version, the instance of WellinTech KingView installed on the remote Windows host is affected by multiple vulnerabilities:

  • A denial of service vulnerability in ‘NetGenius.exe’ when parsing invalid pointer packets resulting in a buffer overflow.

  • A directory traversal vulnerability in ‘Touchvew.exe’ due to not sanitizing user input.

  • An insecure DLL loading vulnerability. (CVE-2012-1819)

  • A stack-based buffer overflow vulnerability that may be exploited via a specially-crafted packet sent to port 555. (CVE-2012-1830)

  • A heap-based buffer overflow vulnerability that may be exploited via a specially-crafted packet sent to port 555. (CVE-2012-1831)

  • An out-of-bounds read error that may be exploited via a specially-crafted packet sent to port 2001.
    (CVE-2012-1832)

  • A directory traversal vulnerability that may be exploited via a specially-crafted HTTP GET request on port 8001. (CVE-2012-2560)

Binary data scada_kingview_6_53_2012-03-22.nbin
VendorProductVersionCPE
wellintechkingviewcpe:/a:wellintech:kingview

Related

openvas 1
ics 2
prion 5
cvelist 5
nvd 5
cve 5
checkpoint_advisories 1
openvas
openvas
WellinTech KingView Multiple Vulnerabilities
2012-07-10 00:00:00
ics
ics
WellinTech KingView Multiple Vulnerabilities
2014-09-02 12:00:00
WellinTech KingView DLL Hijack Vulnerability
2013-04-18 12:00:00
prion
prion
Directory traversal
2012-07-05 03:23:00
Heap overflow
2012-07-05 03:23:00
Stack overflow
2012-07-05 03:23:00
cvelist
cvelist
CVE-2012-1830
2022-10-03 16:15:27
CVE-2012-1831
2022-10-03 16:15:26
CVE-2012-1819
2012-05-02 22:00:00
nvd
nvd
CVE-2012-2560
2012-07-05 03:23:18
CVE-2012-1830
2012-07-05 03:23:18
CVE-2012-1832
2012-07-05 03:23:18
cve
cve
CVE-2012-1831
2022-10-03 16:15:26
CVE-2012-2560
2022-10-03 16:15:36
CVE-2012-1830
2022-10-03 16:15:27
checkpoint_advisories
checkpoint_advisories
WellinTech KingView Buffer Overflow - Ver2 (CVE-2011-0406; CVE-2012-1830)
2018-07-01 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.0%

JSON
Related for SCADA_KINGVIEW_6_53_2012-03-22.NBIN
openvas1ics2prion5cvelist5nvd5cve5checkpoint_advisories1