Connor Mcgarr

**Name of the Vulnerable Software and Affected Versions** JetAudio jetCast Server version 2.0 **Description** A stack-based buffer overflow exists in the Log Directory configuration field. Local attackers can overwrite structured exception handling (SEH) pointers by injecting alphanumeric encoded shellcode through the Log Directory field. This process triggers an SEH exception handler, allowing the execution of arbitrary code with application privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Admin Express version 1.2.5.485 **Description** A local structured exception handling buffer overflow allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the `Folder Path` field. This is triggered through the System Compare feature by pasting a crafted payload into the left-hand side `Folder Path` field and clicking the scale icon to execute shellcode with application privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Verypdf docPrint Pro version 8.0 **Description** The software contains a structured exception handling buffer overflow that allows local attackers to execute arbitrary code. This occurs by providing an oversized alphanumeric encoded payload in the `User Password` or `Master Password` fields. Attackers can create a malicious payload with encoded shellcode and SEH chain manipulation to bypass protections. A proof-of-concept demonstrates execution of a `MessageBox` when the password fields are processed during PDF encryption. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.