var-201108-0127
Vulnerability from variot
Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView 'KVWebSvr.dll' The ActiveX control handles the parameters of the ValidateUser method with boundary conditions. The remote attacker can exploit the vulnerability to build a malicious WEB page, entice the user to parse, and execute arbitrary code in the application security context. WellinTech KingView ActiveX control is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. KingView 6.53 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kingview",
"scope": "eq",
"trust": 3.3,
"vendor": "wellintech",
"version": "6.53"
},
{
"model": "kingview",
"scope": "eq",
"trust": 3.0,
"vendor": "wellintech",
"version": "6.52"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "kingview",
"version": "6.52"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "kingview",
"version": "6.53"
}
],
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"db": "BID",
"id": "46757"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:wellintech:kingview",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carlos Mario Penagos Hollmann",
"sources": [
{
"db": "BID",
"id": "46757"
}
],
"trust": 0.3
},
"cve": "CVE-2011-3142",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3142",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3142",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-3142",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-285",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView \u0027KVWebSvr.dll\u0027 The ActiveX control handles the parameters of the ValidateUser method with boundary conditions. The remote attacker can exploit the vulnerability to build a malicious WEB page, entice the user to parse, and execute arbitrary code in the application security context. WellinTech KingView ActiveX control is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. \nKingView 6.53 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3142"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"db": "BID",
"id": "46757"
},
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3142",
"trust": 3.3
},
{
"db": "BID",
"id": "46757",
"trust": 2.5
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-066-01",
"trust": 2.4
},
{
"db": "ICS CERT",
"id": "ICSA-11-074-01",
"trust": 2.4
},
{
"db": "OSVDB",
"id": "72889",
"trust": 1.6
},
{
"db": "EXPLOIT-DB",
"id": "16936",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2011-04541",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2011-0956",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494",
"trust": 0.8
},
{
"db": "IVD",
"id": "B65F53AA-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7C1A81-463F-11E9-982D-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "660DCAD2-1F9C-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"db": "BID",
"id": "46757"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"id": "VAR-201108-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-0956"
}
],
"trust": 1.7748106
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-0956"
}
]
},
"last_update_date": "2024-11-23T23:06:28.702000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://en.wellintech.com/index.aspx"
},
{
"title": "\u30a6\u30a7\u30ea\u30f3\u30c6\u30c3\u30af\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.wellintech.co.jp/"
},
{
"title": "Asian Control Company KingView \u0027KVWebSvr.dll\u0027 ActiveX Control Heap Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/3267"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-074-01.pdf"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-066-01.pdf"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/46757"
},
{
"trust": 1.6,
"url": "http://www.scadahacker.com/exploits-wellintech-kvwebsvr.html"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/72889"
},
{
"trust": 1.6,
"url": "http://www.kingview.com/news/detail.aspx?contentid=537"
},
{
"trust": 1.6,
"url": "http://www.exploit-db.com/exploits/16936"
},
{
"trust": 1.6,
"url": "http://www.cnvd.org.cn/vulnerability/cnvd-2011-04541"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3142"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3142"
},
{
"trust": 0.3,
"url": "http://en.wellintech.com/products/detail.aspx?contentid=15"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"db": "BID",
"id": "46757"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"db": "BID",
"id": "46757"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-17T00:00:00",
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-11T00:00:00",
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"date": "2011-03-11T00:00:00",
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"date": "2011-03-07T00:00:00",
"db": "BID",
"id": "46757"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"date": "2011-08-16T21:55:01.273000",
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-0956"
},
{
"date": "2015-04-13T21:01:00",
"db": "BID",
"id": "46757"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003494"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-285"
},
{
"date": "2024-11-21T01:29:49.830000",
"db": "NVD",
"id": "CVE-2011-3142"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WellinTech KingView KVWebSvr.dll ActiveX Control Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
},
{
"db": "IVD",
"id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-285"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…