Buffer overflow in Wellintech Kingview

CVE-2011-4536

Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet.

Vulnerability class: Buffer Overflow

EPSS: 0.310 (96.8th percentile) — read the EPSS interpretation.

Affected products

Wellintech Kingview — versions 6.53, 65.30.2010.18018
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cret@cert.org (x_refsource_MISC)
77992 (x_refsource_OSVDB, vdb-entry)
47339 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cret@cert.org (US Government Resource, Patch, x_refsource_MISC)