Stack-Based Buffer Overflow in WellinTech KingView ActiveX Control
CVE-2011-3142

Currently unrated

Key Information:

Vendor

Wellintech

Status
Kingview
Vendor
CVE Published:
16 August 2011

What is CVE-2011-3142?

A stack-based buffer overflow vulnerability exists in an ActiveX control within the KVWebSvr.dll file in WellinTech's KingView versions 6.52 and 6.53. This flaw can be exploited by remote attackers to execute arbitrary code on the affected system. Specifically, the vulnerability arises from inadequate validation of input passed to the ValidateUser method, whereby an excessively long second argument can lead to memory corruption. This exposes organizations using KingView to significant security risks, making it critical to apply appropriate patches and mitigations against this exploit.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.scadahacker.com/exploits-wellintech-kvwebsvr.html
x_refsource_MISC
http://www.us-cert.gov/control_systems/pdf/ICSA-11-074-01...
x_refsource_MISC
http://www.cnvd.org.cn/vulnerability/CNVD-2011-04541
x_refsource_MISC

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.