ID

VAR-201108-0127


CVE

CVE-2011-3142


TITLE

WellinTech KingView KVWebSvr.dll ActiveX Control Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201108-285

DESCRIPTION

Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView 'KVWebSvr.dll' The ActiveX control handles the parameters of the ValidateUser method with boundary conditions. The remote attacker can exploit the vulnerability to build a malicious WEB page, entice the user to parse, and execute arbitrary code in the application security context. WellinTech KingView ActiveX control is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. KingView 6.53 is vulnerable; other versions may also be affected

Trust: 2.97

sources: NVD: CVE-2011-3142 // JVNDB: JVNDB-2011-003494 // CNVD: CNVD-2011-0956 // BID: 46757 // IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1 // IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.2

sources: IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1 // IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-0956

AFFECTED PRODUCTS

vendor:wellintechmodel:kingviewscope:eqversion:6.53

Trust: 3.3

vendor:wellintechmodel:kingviewscope:eqversion:6.52

Trust: 3.0

vendor:kingviewmodel: - scope:eqversion:6.52

Trust: 0.6

vendor:kingviewmodel: - scope:eqversion:6.53

Trust: 0.6

sources: IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1 // IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-0956 // BID: 46757 // JVNDB: JVNDB-2011-003494 // CNNVD: CNNVD-201108-285 // NVD: CVE-2011-3142

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-3142
value: HIGH

Trust: 1.0

NVD: CVE-2011-3142
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201108-285
value: CRITICAL

Trust: 0.6

IVD: b65f53aa-2354-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1
value: CRITICAL

Trust: 0.2

IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

nvd@nist.gov: CVE-2011-3142
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: b65f53aa-2354-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1 // IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2011-003494 // CNNVD: CNNVD-201108-285 // NVD: CVE-2011-3142

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-003494 // NVD: CVE-2011-3142

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201108-285

TYPE

Buffer overflow

Trust: 1.2

sources: IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1 // IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201108-285

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/a:wellintech:kingview"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2011-003494

PATCH

title:Top Pageurl:http://en.wellintech.com/index.aspx

Trust: 0.8

title:ウェリンテック・ジャパン株式会社url:http://www.wellintech.co.jp/

Trust: 0.8

title:Asian Control Company KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/3267

Trust: 0.6

sources: CNVD: CNVD-2011-0956 // JVNDB: JVNDB-2011-003494

EXTERNAL IDS

db:NVDid:CVE-2011-3142

Trust: 3.3

db:BIDid:46757

Trust: 2.5

db:ICS CERT ALERTid:ICS-ALERT-11-066-01

Trust: 2.4

db:ICS CERTid:ICSA-11-074-01

Trust: 2.4

db:OSVDBid:72889

Trust: 1.6

db:EXPLOIT-DBid:16936

Trust: 1.6

db:CNVDid:CNVD-2011-04541

Trust: 1.6

db:CNNVDid:CNNVD-201108-285

Trust: 1.2

db:CNVDid:CNVD-2011-0956

Trust: 1.0

db:JVNDBid:JVNDB-2011-003494

Trust: 0.8

db:IVDid:B65F53AA-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:7D7C1A81-463F-11E9-982D-000C29342CB1

Trust: 0.2

db:IVDid:660DCAD2-1F9C-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: b65f53aa-2354-11e6-abef-000c29c66e3d // IVD: 7d7c1a81-463f-11e9-982d-000c29342cb1 // IVD: 660dcad2-1f9c-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-0956 // BID: 46757 // JVNDB: JVNDB-2011-003494 // CNNVD: CNNVD-201108-285 // NVD: CVE-2011-3142

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-074-01.pdf

Trust: 2.4

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-11-066-01.pdf

Trust: 2.4

url:http://www.securityfocus.com/bid/46757

Trust: 2.2

url:http://www.scadahacker.com/exploits-wellintech-kvwebsvr.html

Trust: 1.6

url:http://www.osvdb.org/72889

Trust: 1.6

url:http://www.kingview.com/news/detail.aspx?contentid=537

Trust: 1.6

url:http://www.exploit-db.com/exploits/16936

Trust: 1.6

url:http://www.cnvd.org.cn/vulnerability/cnvd-2011-04541

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3142

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3142

Trust: 0.8

url:http://en.wellintech.com/products/detail.aspx?contentid=15

Trust: 0.3

sources: CNVD: CNVD-2011-0956 // BID: 46757 // JVNDB: JVNDB-2011-003494 // CNNVD: CNNVD-201108-285 // NVD: CVE-2011-3142

CREDITS

Carlos Mario Penagos Hollmann

Trust: 0.3

sources: BID: 46757

SOURCES

db:IVDid:b65f53aa-2354-11e6-abef-000c29c66e3d
db:IVDid:7d7c1a81-463f-11e9-982d-000c29342cb1
db:IVDid:660dcad2-1f9c-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-0956
db:BIDid:46757
db:JVNDBid:JVNDB-2011-003494
db:CNNVDid:CNNVD-201108-285
db:NVDid:CVE-2011-3142

LAST UPDATE DATE

2025-04-11T23:14:52.921000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-0956date:2015-11-24T00:00:00
db:BIDid:46757date:2015-04-13T21:01:00
db:JVNDBid:JVNDB-2011-003494date:2011-12-22T00:00:00
db:CNNVDid:CNNVD-201108-285date:2011-08-17T00:00:00
db:NVDid:CVE-2011-3142date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:IVDid:b65f53aa-2354-11e6-abef-000c29c66e3ddate:2011-08-17T00:00:00
db:IVDid:7d7c1a81-463f-11e9-982d-000c29342cb1date:2011-03-11T00:00:00
db:IVDid:660dcad2-1f9c-11e6-abef-000c29c66e3ddate:2011-03-11T00:00:00
db:CNVDid:CNVD-2011-0956date:2011-03-11T00:00:00
db:BIDid:46757date:2011-03-07T00:00:00
db:JVNDBid:JVNDB-2011-003494date:2011-12-22T00:00:00
db:CNNVDid:CNNVD-201108-285date:2011-08-17T00:00:00
db:NVDid:CVE-2011-3142date:2011-08-16T21:55:01.273