Vulnerability Details CVE-2019-25634
Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input file that overflows a buffer, overwrites the SEH chain with a POP-POP-RET gadget address, and uses an egghunter payload to locate and execute shellcode for code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.6%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2019-25634
-
cpe:2.3:a:4mhz:base64_decoder:1.1.2