CVE-2011-0406

Published: Jan 11, 2011Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.

Affected (1)

Products: Wellintech: Kingview

Wellintech

1 product

Kingview

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wellintech Kingview	Version 6.53

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (22)

http://osvdb.org/70366

Source: cve@mitre.org

http://secunia.com/advisories/42851

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/8134

Source: cve@mitre.org

http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html

Source: cve@mitre.org

http://www.cnnvd.org.cn/showCnnvd.html?id=2011010108

Source: cve@mitre.org

http://www.exploit-db.com/exploits/15957

Source: cve@mitre.org

Exploit

http://www.kb.cert.org/vuls/id/180119

Source: cve@mitre.org

US Government Resource

http://www.kingview.com/news/detail.aspx?contentid=528

Source: cve@mitre.org

http://www.securityfocus.com/bid/45727

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2011/0063

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/64559

Source: cve@mitre.org

http://osvdb.org/70366