CVE-2019-25650

Name of the Vulnerable Software and Affected Versions River Past CamDo version 3.7.6

Description The software contains a structured exception handler (SEH) buffer overflow. Local attackers can execute arbitrary code by providing a malicious string in the Lame enc.dll name field. Attackers can create a payload with a 280-byte buffer, NSEH jump instruction, and SEH handler address pointing to a pop-pop-ret gadget to trigger code execution and establish a bind shell on port 3110.

Recommendations Update River Past CamDo to a newer version that contains a fix for this vulnerability. As a temporary workaround, avoid using the Lame enc.dll file.