Summary
This host has KingView installed and is prone to a heap-based buffer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Impact Level: System/Application
Solution
Apply the patch from the link below:
http://www.kingview.com/news/detail.aspx?contentid=587
NOTE: Ignore this warning if the above-mentioned patch has already been applied.
Insight
The flaw is due to an error in the 'nettransdll.dll' module of the 'HistorySvr' component when processing a packet containing opcode 3. This can be exploited to cause a heap-based buffer overflow via a specially crafted packet sent to TCP port 777.
Affected
KingView versions 6.53 and 65.30.2010.18018
References
Severity
Classification
- CVE: CVE-2011-4536
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
- Adobe Reader 'mailListIsPdf' Buffer Overflow Vulnerability (Linux)
- CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability
- Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability
- Adobe PageMaker Font Structure Multiple BOF Vulnerabilities