Buffer overflow in Wellintech Kingview

CVE-2011-0406

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.

Vulnerability class: Buffer Overflow

EPSS: 0.557 (98.1th percentile) — read the EPSS interpretation.

Affected products

Wellintech Kingview — versions 6.53
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

kingview-historysvr-bo(64559) (vdb-entry, x_refsource_XF)
15957 (Exploit, exploit, x_refsource_EXPLOIT-DB)
45727 (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_MISC)
42851 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
70366 (x_refsource_OSVDB, vdb-entry)
8134 (x_refsource_SREASON, third-party-advisory)
ADV-2011-0063 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM)