CVE-2019-25627

Name of the Vulnerable Software and Affected Versions FlexHEX version 2.71

Description A local buffer overflow exists in the Stream Name field. This allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow—a condition where the program's error-handling mechanism is overwritten to redirect execution flow. An attacker can achieve this by creating a malicious text file containing shellcode and aligned SEH chain pointers and pasting the content into the Stream Name dialog.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.