Lucene search
+L

167 matches found

Tenable Nessus
Tenable Nessus
added 2014/07/23 12:0 a.m.11 views

WellinTech KingSCADA Server Detection via TCP

Binary data 7130.pasl...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)

No description provided by source. !-- KingView ActiveX Control KChartXY Remote File Creation / Overwrite Vendor: http://www.wellintech.com Version: KingView 6.53 Tested on: Windows XP SP3 / IE Download: http://www.wellintech.com/documents/KingView6.53EN.zip Author: Blake CLSID:...

7.1AI score
Exploits0
NVD
NVD
added 2014/04/12 4:37 a.m.20 views

CVE-2014-0787

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet...

10CVSS7.8AI score0.1602EPSS
Exploits5References5
Prion
Prion
added 2014/04/12 4:37 a.m.24 views

Stack overflow

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet...

10CVSS8.5AI score0.1602EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2014/04/12 1:0 a.m.74 views

CVE-2014-0787

WellinTech KingSCADA CVE-2014-0787 is a stack-based buffer overflow vulnerability affecting KingSCADA before 3.1.2.13. A crafted packet to the AlarmServer service (AEserver.exe) on TCP port 12401 can trigger a stack overflow via an improper size handling in packet parsing, allowing remote code ex...

10CVSS8AI score0.1602EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2014/04/12 1:0 a.m.24 views

CVE-2014-0787 WellinTech KingSCADA Stack-based Buffer Overflow

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet...

10CVSS7.8AI score0.1602EPSS
Exploits5References4
seebug.org
seebug.org
added 2014/04/11 12:0 a.m.45 views

WellinTech KingSCADA未明远程栈缓冲区溢出漏洞

CVE ID:CVE-2014-0787 WellinTech KingSCADA是一款面向高、中端市场的SCADA产品。 WellinTech KingSCADA存在一个基于栈的缓冲区溢出,允许攻击者向KingSCADA发送特制的报文,可以应用程序上下文执行任意代码。 0 WellinTech KingSCADA 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://www.wellintech.com/index.php?option=comcontent&view=article&id=56&Itemid=11...

10CVSS6.5AI score0.1602EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2014/04/10 12:0 a.m.54 views

WellinTech KingScada AEserver.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is...

10CVSS7.3AI score0.1602EPSS
Exploits5References1
Check Point Advisories
Check Point Advisories
added 2014/03/13 12:0 a.m.42 views

WellinTech Multiple Products kxClientDownload ActiveX Remote Code Execution (CVE-2013-2827)

A remote code execution vulnerability exists in WellinTech multiple products. The vulnerability exists in ClientDownload.ocx ActiveX control and is due to insufficient sanitization of ProjectURL property. A remote unauthenticated attacker can leverage this vulnerability to download and load an...

7.5AI score0.49235EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2014/02/05 12:0 a.m.25 views

WellinTech KingSCADA KingAlarm & Event KAEManageServer Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm&Event.; Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130...

7.5CVSS7.2AI score0.01776EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2014/02/05 12:0 a.m.36 views

WellinTech KingScada KingGraphic kxClientDownload ActiveX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada KingGraphics. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.5CVSS3.8AI score0.49235EPSS
Exploits5References1
NVD
NVD
added 2014/01/15 4:8 p.m.17 views

CVE-2013-2827

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...

7.5CVSS7AI score0.49235EPSS
Exploits5References1
NVD
NVD
added 2014/01/15 4:8 p.m.20 views

CVE-2013-2826

WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP...

6.4CVSS6.9AI score0.01776EPSS
Exploits0References1
Prion
Prion
added 2014/01/15 4:8 p.m.18 views

Authentication flaw

WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP...

6.4CVSS7.4AI score0.01776EPSS
Exploits0References1Affected Software3
Prion
Prion
added 2014/01/15 4:8 p.m.20 views

Code injection

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...

7.5CVSS7.6AI score0.49235EPSS
Exploits5References1Affected Software3
CVE
CVE
added 2014/01/15 4:0 p.m.56 views

CVE-2013-2826

CVE-2013-2826 affects WellinTech KingSCADA prior to 3.1.2, KingAlarm&Event prior to 3.1, and KingGraphic prior to 3.1.2. Authentication is performed at the KAEClientManager console, not the server, enabling a remote attacker to discover credentials by sending a crafted packet to TCP port 8130. Co...

6.4CVSS7.1AI score0.01776EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2014/01/15 4:0 p.m.60 views

CVE-2013-2827

CVE-2013-2827 concerns an unresolved ActiveX control in WellinTech KingSCADA (before 3.1.2), KingAlarm&Event (before 3.1), and KingGraphic (before 3.1.2) that allows remote code execution by abusing the ProjectURL property to download and execute a DLL on a client. Root cause: insufficient saniti...

7.5CVSS7.2AI score0.49235EPSS
Exploits5References1Affected Software3
Cvelist
Cvelist
added 2014/01/15 4:0 p.m.22 views

CVE-2013-2827

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...

7AI score0.49235EPSS
Exploits5References1
Cvelist
Cvelist
added 2014/01/15 4:0 p.m.29 views

CVE-2013-2826

WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP...

6.9AI score0.01776EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2013/12/24 12:0 a.m.31 views

WellinTech KingView ActiveX Control Heap Buffer Overflow Remote Code Execution (CVE-2011-3142)

A stack-based buffer overflow vulnerability has been reported in WellinTech KingView ActiveX control. The vulnerability is due to failure to perform adequate boundary checks on user-supplied input. A remote attacker can exploit this vulnerability by sending via a long second argument to the...

10CVSS6.7AI score0.381EPSS
Exploits1
Rows per page
Query Builder