165 matches found
KingView 6.5.3 SCADA HMI Heap Overflow PoC
No description provided by source. Exploit Title: KingView 6.53 SCADA HMI Heap Overflow PoC Date: 9/28/2010 Author: Dillon Beresford Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows XP SP1 works on SP2 an...
Kingview Touchview 6.53 EIP Overwrite
No description provided by source. Exploit Title: Kingview Touchview EIP direct control Date: June 24 2012 Exploit Author: Carlos Mario Penagos Hollmann Vendor Homepage: www.kingview.com Version: 6.53 Tested on: Windows SP 1 CVE : Open kingivew click on Make choose network configuration---network...
KingView ActiveX Control Directory Traversal - Ver2 (CVE-2013-6128)
A directory traversal vulnerability has been reported in Wellintech Kingview. Successful exploitation of this vulnerability would allow a remote attacker to list directories, create arbitrary files and subsequently execute arbitrary code on the affected system...
KingSCADA/KingGraphic远程代码执行漏洞
CVECAN ID: CVE-2013-2827 KingSCADA系列产品是基于Windows的控制、监督和数据收集应用程序。 KingSCADA、KingGraphic 3.1及之前版本处理 "ProjectURL" 属性时,ActiveX组件内出现错误,成功利用后可导致下载并执行任意代码。 0 kingview KingSCADA = 3.1 kingview KingGraphic = 3.1 厂商补丁: kingview -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kingview.com...
WellinTech KingView ActiveX Control Heap Buffer Overflow Remote Code Execution (CVE-2011-3142)
A stack-based buffer overflow vulnerability has been reported in WellinTech KingView ActiveX control. The vulnerability is due to failure to perform adequate boundary checks on user-supplied input. A remote attacker can exploit this vulnerability by sending via a long second argument to the...
WellinTech KingView KingMess Buffer Overflow
Overview This updated advisory is a follow-up to the original advisory titled ICSA-13-043-02—WellinTech KingView KingMess Buffer Overflow that was published February 12, 2013, on the ICS-CERT Web page. This updated advisory provides mitigation details for a vulnerability that impacts the WellinTe...
CVE-2013-6127
The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the...
CVE-2013-6128
The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the singl...
DSquare Exploit Pack: D2SEC_KINGVIEW
Name| d2seckingview ---|--- CVE| CVE-2013-6127 Exploit Pack| D2ExploitPack Description| KingView 6.53 ActiveX Control Remote Code Execution Vulnerability Notes|...
Directory traversal
The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the...
Directory traversal
The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the singl...
CVE-2013-6127
The CVE-2013-6127 vulnerability affects WellinTech KingView prior to version 6.53, where the SUPERGRIDLib.SuperGrid ActiveX control (SuperGrid.ocx) before 65.30.30000.10002 allows an attacker to bypass restrictions on ReplaceDBFile, enabling remote creation/overwrite of arbitrary files via two pa...
CVE-2013-6128
The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the singl...
CVE-2013-6128
CVE-2013-6128 affects WellinTech KingView ActiveX controls: KChartXY.ocx and related SuperGrid.ocx in KingView versions older than 6.53, specifically before 65.30.30000.10002. The flaw is an insufficient restriction of SaveToFile calls, enabling a remote attacker to perform directory traversal to...
WellinTech KingView ActiveX Multiple Arbitrary File Overwrite Vulnerabilities
Binary data scadakingviewactivex.nbin...
KingView 6.53 Active-X File Copy
KingView Insecure ActiveX Control Proof of Concept - SuperGrid.ocx This proof of concept will copy any arbritrary file from one location to a second location. A malicious user may be able to use this to copy a file from an attacker controlled share to the target or from the target to an attacker...
KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)
Exploit for windows platform in category local exploits arg1="..................................\WINDOWS\win.ini" target.SaveToFile arg1 0day.today 2018-03-13...
KingView 6.53 Active-X File Overwrite / Creation
arg1="..................................\WINDOWS\win.ini" target.SaveToFile arg1...
KingView 6.53 - Insecure ActiveX Control (SuperGrid)
Exploit for windows platform in category local exploits KingView Insecure ActiveX Control Proof of Concept - SuperGrid.ocx This proof of concept will copy any arbritrary file from one location to a second location. A malicious user may be able to use this to copy a file from an attacker controlle...
KingView 6.53 - KChartXY ActiveX File Creation Overwrite
KingView 6.53 - KChartXY ActiveX File Creation Overwrite arg1="..................................\WINDOWS\win.ini" target.SaveToFile arg1...