Vulnerability Details CVE-2019-25626
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.2%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2019-25626
-
cpe:2.3:a:river_past_cam_do_project:river_past_cam_do:*