Stack-Based Buffer Overflow in WellinTech KingView ActiveX Control
CVE-2011-3142

Currently unrated

Key Information:

Vendor

Wellintech

Status
Kingview
Vendor
CVE Published:
16 August 2011

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 33%

What is CVE-2011-3142?

A stack-based buffer overflow vulnerability exists in an ActiveX control within the KVWebSvr.dll file in WellinTech's KingView versions 6.52 and 6.53. This flaw can be exploited by remote attackers to execute arbitrary code on the affected system. Specifically, the vulnerability arises from inadequate validation of input passed to the ValidateUser method, whereby an excessively long second argument can lead to memory corruption. This exposes organizations using KingView to significant security risks, making it critical to apply appropriate patches and mitigations against this exploit.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2011-3142 - Proof of Concept

References

http://www.scadahacker.com/exploits-wellintech-kvwebsvr.html
x_refsource_MISC
http://www.us-cert.gov/control_systems/pdf/ICSA-11-074-01...
x_refsource_MISC
http://www.cnvd.org.cn/vulnerability/CNVD-2011-04541
x_refsource_MISC

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

JSON
.