CVE-2019-25330

Name of the Vulnerable Software and Affected Versions SurfOffline Professional version 2.2.0.103

Description SurfOffline Professional 2.2.0.103 contains a structured exception handler (SEH) overflow that allows attackers to disrupt the application. This is achieved by manipulating the project name input. An attacker can create a malicious payload consisting of 382 'A' characters combined with specific byte sequences to cause a denial of service and overwrite SEH registers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.