CVE-2019-25631

High CVSS: 8.6

AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences or report wizard functionality to trigger the overflow and execute code with application privileges.

Vendor

Aida64

Product

Aida64

CWE

CWE-787

Yayın Tarihi

2026-03-24 12:16:03

Güncelleme

2026-03-27 16:59:50

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-787 Aida64 HIGH Aida64 2026

Referanslar

https://www.aida64.com https://www.aida64.com/downloads https://www.exploit-db.com/exploits/46639 https://www.vulncheck.com/advisories/aida64-business-seh-buffer-overflow-via-egghunter

Benzer Kayıtlar

High

CVE-2019-25633

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attack…

High

CVE-2019-25629

AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functional…

High

CVE-2019-25360

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attacker…

Medium

CVE-2020-37140

Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers t…