Heap-Based Buffer Overflow in WellinTech KingView Product
CVE-2011-4536

Currently unrated

Key Information:

Vendor: Wellintech
Status: Kingview
Vendor: CVE Published:; 27 December 2011

Summary

A heap-based buffer overflow vulnerability exists in the nettransdll.dll component of the HistorySvr.exe (HistoryServer.exe) in WellinTech KingView versions 6.53 and 65.30.2010.18018. This flaw allows remote attackers to craft and send specially formed op-code 3 packets that could lead to arbitrary code execution, potentially compromising affected systems. It is crucial for users of KingView to apply necessary updates and monitor their systems to mitigate the risk of exploitation.

References

http://www.zerodayinitiative.com/advisories/ZDI-11-351/

x_refsource_MISC

http://www.osvdb.org/77992

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/47339

third-party-advisoryx_refsource_SECUNIA

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 27, 2011