CVE-2019-25626

Name of the Vulnerable Software and Affected Versions River Past Cam Do version 3.7.6

Description A local buffer overflow exists in the activation code input field. A local attacker can execute arbitrary code by providing a malicious activation code string. This is achieved by crafting a buffer with 608 bytes of junk data, followed by shellcode and SEH (Structured Exception Handling) chain overwrite values, which triggers code execution during the processing of the input in the activation dialog.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.