Vulnerability Description
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger an SEH exception handler and execute arbitrary code with application privileges.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- http://www.jetaudio.com/
- http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/D
- https://www.exploit-db.com/exploits/46854
- https://www.vulncheck.com/advisories/jetaudio-jetcast-server-local-seh-buffer-ov
FAQ
What is CVE-2019-25609?
CVE-2019-25609 is a vulnerability with a CVSS score of 8.4 (HIGH). JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointer...
How severe is CVE-2019-25609?
CVE-2019-25609 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-25609?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.