River Past · River Past Video Cleaner · CVE-2019-25670
**Name of the Vulnerable Software and Affected Versions**
River Past Video Cleaner version 7.6.3
**Description**
A structured exception handler buffer overflow allows local attackers to execute arbitrary code. This occurs when the application processes a malicious string provided in the `Lame enc.dll` field. An attacker can trigger this by crafting a payload consisting of 280 bytes of padding, a next structured exception handler override, and shellcode.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.