3 matches found
CVE-2019-25679
RealTerm Serial Terminal 2.0.0.70 contains a local SEH buffer overflow in the Echo Port tab that allows code execution when a crafted payload is pasted into the Port field and the Change button is clicked. The exploit can use a POP POP RET gadget chain with shellcode; results reported include arb...
CVE-2019-25570
RealTerm Serial Terminal 2.0.0.70 is affected by a local denial-of-service vulnerability in the Port field: inserting up to 1000 characters and triggering Open crashes the application. Details from CVE-2019-25570 describe a local attack that crashes RealTerm by pasting a long buffer into the Port...
CVE-2019-25569
RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow in the Echo Port field. The vulnerability allows local attackers to crash the application by corrupting the SEH chain; a crafted input consisting of 268 padding bytes followed by SEH overwrite values pasted into the Port fie...