Lucene search
+L

165 matches found

securityvulns
securityvulns
added 2011/12/26 12:0 a.m.82 views

ZDI-11-351 : WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-351 : WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-351 December 22, 2011 - -- CVE ID: CVE-2011-4536 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...

10CVSS1.1AI score0.08635EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2011/12/22 12:0 a.m.39 views

WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wellintek KingView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called...

10CVSS5.3AI score0.08635EPSS
Exploits0References1
ICS
ICS
added 2011/12/16 7:0 a.m.61 views

WellinTech KingView 6.53 KVWebSvr ActiveX

Overview This advisory is a follow-up to ICS-ALERT-11-066-01 - WellinTech KingView 6.53 ActiveX Vulnerability, published on the ICS-CERT Web page on March 7, 2011. An independent security researcher reported a stack-based buffer overflow vulnerability in an ActiveX control in WellinTech KingView...

10CVSS8.7AI score0.381EPSS
Exploits1References10
exploitpack
exploitpack
added 2011/11/09 12:0 a.m.15 views

KingView-Scada

Stack-Based buffer overflow in KingView 6.5.3 SCADA HMI allow remote attackers to cause a DoS or execute arbitrary code via a long filename in a read or write request. The vulnerability is caused due to a boundary error in the handling of filenames and can be exploited to cause a stack-based buff...

6.5AI score
Exploits0
ICS
ICS
added 2011/10/20 6:0 a.m.62 views

WellinTech Kingview 6.53 Remote Heap Overflow

Overview This advisory is a follow-up to ICS-ALERT-11-011-01 WellinTech Kingview Buffer Overflow, published on the ICS-CERT Web site on January 11, 2011. Independent security researcher Dillon Beresford reported a heap overflow vulnerability in WellinTech KingView V6.53, which may allow a remote,...

10CVSS9AI score0.20939EPSS
Exploits2References10
ICS
ICS
added 2011/09/23 6:0 a.m.46 views

WellinTech KingView History Server Buffer Overflow

Overview ICS-CERT has received a report from the Zero Day Initiative ZDI concerning a heap-based buffer overflow vulnerability in WellinTech’s Kingview HistoryServer.exe, which may allow a remote, unauthenticated attacker to execute arbitrary code. This vulnerability was reported to ZDI by...

10CVSS7.7AI score0.08635EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2011/08/29 12:0 a.m.27 views

WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability

This host is installed with KingView and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodkingviewactivexbofvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability Authors: Madhuri D...

10CVSS0.8AI score0.381EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/08/29 12:0 a.m.19 views

WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability

KingView is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.381EPSS
Exploits1References1
NVD
NVD
added 2011/08/16 9:55 p.m.17 views

CVE-2011-3142

Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method...

10CVSS8AI score0.381EPSS
Exploits1References8
Prion
Prion
added 2011/08/16 9:55 p.m.16 views

Stack overflow

Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method...

10CVSS8.7AI score0.381EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2011/08/16 9:0 p.m.56 views

CVE-2011-3142

CVE-2011-3142 affects WellinTech KingView KVWebSvr.dll ActiveX control in versions 6.52/6.53. The vulnerability is a stack-based buffer overflow triggered by a long second argument to the ValidateUser method, enabling remote code execution. Public exploit code exists (ICS-CERT/ISA advisories refe...

10CVSS8.3AI score0.381EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2011/08/16 9:0 p.m.30 views

CVE-2011-3142

Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method...

8AI score0.381EPSS
Exploits1References8
0day.today
0day.today
added 2011/03/08 12:0 a.m.36 views

KingView 6.5.3 SCADA ActiveX Exploit

Exploit for windows platform in category remote exploits Exploit Title: KingView 6.5.3 SCADA ActiveX Date: March 07 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/07 12:0 a.m.39 views

KingView 6.5.3 SCADA Active-X

Exploit Title: KingView 6.5.3 SCADA ActiveX Date: March 07 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows xp sp3 running on VMware Fusion 3.1 and VirtualBox...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2011/03/07 12:0 a.m.40 views

KingView 6.5.3 SCADA - ActiveX

KingView 6.5.3 SCADA - ActiveX Exploit Title: KingView 6.5.3 SCADA ActiveX Date: March 07 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows xp sp3 running on VMwa...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2011/03/07 12:0 a.m.51 views

KingView 6.5.3 SCADA - ActiveX

Exploit Title: KingView 6.5.3 SCADA ActiveX Date: March 07 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows xp sp3 running on VMware Fusion 3.1 and VirtualBox...

7.4AI score
Exploits0
CERT
CERT
added 2011/01/12 12:0 a.m.34 views

WellinTech KingView 6.53 remote heap overflow vulnerability

Overview WellinTech KingView 6.53 contains a remote heap overflow vulnerability in the HistorySrv process which may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to WellinTech's website: "King V iew software is a high-pormance production which can be us...

10CVSS7.5AI score0.20939EPSS
Exploits2References9
ThreatPost
ThreatPost
added 2011/01/11 6:12 p.m.10 views

Researcher: Holes Abound in Chinese SCADA

The researcher who discovered a hole in a prominent SCADA software package used in China claims that holes in the country’s SCADA systems aren’t uncommon, and blames a lack of transparency for the vulnerabilities. A security researcher at NSS Labs who disclosed a critical vulnerability in a popul...

1AI score
Exploits0References7
Prion
Prion
added 2011/01/11 3:0 a.m.17 views

Heap overflow

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777...

10CVSS8.7AI score0.20939EPSS
Exploits2References11Affected Software1
CVE
CVE
added 2011/01/11 1:0 a.m.64 views

CVE-2011-0406

CVE-2011-0406 concerns a remote heap overflow in WellinTech KingView 6.53’s HistorySvr.exe. A specially crafted request to port 777 can cause heap corruption, allowing a remote attacker to execute arbitrary code or crash the service. Public references note exploitation code exists and a patch was...

10CVSS8.3AI score0.20939EPSS
Exploits2References11Affected Software1
Rows per page
Query Builder