← Zuruck zu CVEs
CVE-2019-25626
HIGH8.4
Beschreibung
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.
CVE Details
CVSS v3.1 Bewertung8.4
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht3/24/2026
Zuletzt geandert3/24/2026
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-434
Referenzen
http://www.flexhex.com(disclosure@vulncheck.com)
https://en.softonic.com/download/river-past-cam-do/windows/post-download?sl=1(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/46670(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/river-past-cam-do-local-buffer-overflow-in-activation-code(disclosure@vulncheck.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.