CVE-2019-25695

Name of the Vulnerable Software and Affected Versions R version 3.4.4

Description A local buffer overflow allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Specifically, a payload with a 292-byte offset and JMP ESP instruction can be used to execute commands, such as calc.exe, when pasted into the "Language for menus and messages" field.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.