CVE-2019-25691

Faleemi Desktop Software 1.8 Local Buffer Overflow SEH DEP Bypass

CVSS 8.6 HIGHEPSS 0.2%CWE-787

Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a buffer overflow and execute arbitrary code via ROP chain gadgets.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Faleemi · Faleemi Desktop Software

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/46269unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/46269 https://www.faleemi.com/https://www.vulncheck.com/advisories/faleemi-desktop-software-local-buffer-overflow-seh-dep-bypass