Vulnerability Description
Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wellintech | Kingview | 6.53 |
Related Weaknesses (CWE)
References
- http://osvdb.org/70366
- http://secunia.com/advisories/42851Vendor Advisory
- http://securityreason.com/securityalert/8134
- http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html
- http://www.cnnvd.org.cn/showCnnvd.html?id=2011010108
- http://www.exploit-db.com/exploits/15957Exploit
- http://www.kb.cert.org/vuls/id/180119US Government Resource
- http://www.kingview.com/news/detail.aspx?contentid=528
- http://www.securityfocus.com/bid/45727Exploit
- http://www.vupen.com/english/advisories/2011/0063Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64559
- http://osvdb.org/70366
- http://secunia.com/advisories/42851Vendor Advisory
- http://securityreason.com/securityalert/8134
- http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html
FAQ
What is CVE-2011-0406?
CVE-2011-0406 is a vulnerability with a CVSS score of 10.0 (HIGH). Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.
How severe is CVE-2011-0406?
CVE-2011-0406 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0406?
Check the references section above for vendor advisories and patch information. Affected products include: Wellintech Kingview.