Vulnerability Description
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- http://www.speedbit.com/dap/
- http://www.speedbit.com/dap/download/downloading.asp
- https://www.exploit-db.com/exploits/46673
- https://www.vulncheck.com/advisories/download-accelerator-plus-dap-seh-buffer-ov
FAQ
What is CVE-2019-25628?
CVE-2019-25628 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attacker...
How severe is CVE-2019-25628?
CVE-2019-25628 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-25628?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.