Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet.
Conclusion & alert: CVE-2011-4536 is rated High Risk (70.4/100): CVSS Critical severity, with high exploitation likelihood (EPSS 31.04%, 97th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-11-17 | 34.43% | 31.04% | -3.39% |
| 2 | 2025-08-27 | 30.71% | 34.43% | +3.72% |
| 3 | 2025-03-30 | — | 30.71% | — |
Full EPSS history (17 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 10.0 | 2.0 | HIGH |
|
10.0 | 10.0 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| wellintech | kingview | 6.53 | cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:* |
| wellintech | kingview | 65.30.2010.18018 | cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://en.wellintech.com/news/detail.aspx?contentid=166 | Patch Vendor Advisory |
| http://secunia.com/advisories/47339 | Vendor Advisory |
| http://www.kingview.com/news/detail.aspx?contentid=587 | Patch Vendor Advisory |
| http://www.osvdb.org/77992 | |
| http://www.us-cert.gov/control_systems/pdf/ICSA-11-355-02.pdf | Patch US Government Resource |
| http://www.zerodayinitiative.com/advisories/ZDI-11-351/ |