195 matches found
CVE-2019-25741
Mobatek MobaXterm 12.1 is affected by a SEH-based buffer overflow in the username field of session files. An attacker can craft a malicious sessions file that overflows the username, triggering code execution when imported, potentially enabling a reverse shell with the user’s privileges. The CVE ...
CVE-2019-25733 NetShareWatcher 1.5.8.0 SEH Buffer Overflow
NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom filter field to...
CVE-2019-25670
River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception...
CVE-2018-25217
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the...
CVE-2019-25650
Affected software: River Past CamDo 3.7.6. Vulnerability: SEH buffer overflow in Lame_enc.dll name field enables local code execution. The exploit payload uses a ~280-byte buffer, an NSEH jump, and an SEH handler address to trigger code execution via a pop-pop-ret gadget, potentially establishing...
CVE-2018-25218
CVE-2018-25218 affects PassFab RAR Password Recovery 9.3.2. The issue is a Structured Exception Handler (SEH) buffer overflow that allows local arbitrary code execution via a crafted payload entered into the registration field (Licensed E-mail and Registration Code). The attack is local with no u...
CVE-2018-25217 PDF Explorer 1.5.66.2 Structured Exception Handler Local Code Execution
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the...
CVE-2019-25628 Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and...
CVE-2019-25615
Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump...
CVE-2019-25615 Lavavo CD Ripper 4.20 Local SEH Buffer Overflow
Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump...
CVE-2019-25609
JetAudio jetCast Server 2.0 is affected by a stack-based buffer overflow in the Log Directory configuration field. The vulnerability allows local attackers to overwrite structured exception handling (SEH) pointers, enabling injection of alphanumeric encoded shellcode to trigger an SEH handler and...
CVE-2019-25466 Easy File Sharing Web Server 7.2 Local SEH Overflow
Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of padding followed by a nseh...
CVE-2019-25319
Domain Quester Pro 6.02 is affected by a stack overflow affecting the Structured Exception Handler (SEH). The vulnerability can be triggered by crafting a malicious payload in the Domain Name Keywords input field, leading to an access violation and remote code execution, including a bind shell on...
CVE-2020-37177
CVE-2020-37177 describes a denial-of-service issue in BOOTP Turbo 2.0 where a crafted payload can overwrite the Structured Exception Handler (SEH), causing the application to crash and corrupt the SEH chain. The vulnerability is associated with a 2196-byte payload using specific byte patterns, en...
syncbreeze-poc
Includes notes and PoCs for buffe...
CVE-2023-54334 Explorer32++ 1.3.5.531 - Buffer overflow
Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler SEH records that allows attackers to execute arbitrary code. Attackers can exploit the vulnerability by providing a long file name argument over 396 characters to corrupt the SEH chain and potentially...
CVE-2023-54330
Summary: CVE-2023-54330 affects Inbit Messenger versions 4.6.0–4.9.0. The flaw is a remote stack-based buffer overflow in the messenger’s network handler that can be triggered by sending malformed network packets, allowing unauthenticated attackers to overwrite the Structured Exception Handler (S...
CVE-2023-54330 Inbit Messenger 4.9.0 - Unauthenticated Remote SEH Overflow
Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to...
Sam Spade 1.14 SEH Overflow / DLL Injection
Sam Spade version 1.14 SEH overflow exploit that leverages DLL injection. Exploit Title: Sam Spade 1.14 - SEH Overflow via Arbitrary DLL Injection Date: 14.03.2024 Software Link: https://www.majorgeeks.com/files/details/samspade.html Exploit Author: Ahmet Ümit BAYRAM Tested Version: 1.14 Tested o...