CVE-2019-25603

Name of the Vulnerable Software and Affected Versions TuneClone version 2.20

Description A structured exception handler (SEH) buffer overflow exists, allowing local attackers to execute arbitrary code by providing a malicious license code string. Attackers can craft a payload containing a controlled buffer, an NSEH jump instruction, and an SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.