Published: 11/01/2011 Updated: 17/08/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote malicious users to execute arbitrary code via a long request to TCP port 777.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wellintech kingview 6.53

## Exploit Title: KingView 653 SCADA HMI Heap Overflow PoC ## Date: 9/28/2010 ## Author: Dillon Beresford ## Software Link: downloadkingviewcom/software/kingview%20English%20Version/kingview653_ENrar ## Version: 653 (English) ## Tested on: Windows XP SP1 ( works on SP2 and SP3 ) will release new targets after CERT advisory is public ...

CWE-119 http://www.securityfocus.com/bid/45727 http://www.vupen.com/english/advisories/2011/0063 http://www.exploit-db.com/exploits/15957 http://secunia.com/advisories/42851 http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html http://osvdb.org/70366 http://www.kingview.com/news/detail.aspx?contentid=528 http://www.cnnvd.org.cn/showCnnvd.html?id=2011010108 http://www.kb.cert.org/vuls/id/180119 http://securityreason.com/securityalert/8134 https://exchange.xforce.ibmcloud.com/vulnerabilities/64559 https://nvd.nist.gov https://www.exploit-db.com/exploits/15957/https://www.kb.cert.org/vuls/id/180119

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-0406

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect