CVE-2019-25705— Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-25705
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field
Source: NVD (National Vulnerability Database)
Vulnerability Description
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries and paste it into the action field through the Rules dialog to trigger the overflow and overwrite the return address.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存写
Source: NVD (National Vulnerability Database)
Vulnerability Title
Echo Mirage 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Echo Mirage是abhi1299个人开发者的一个用于音频信号处理与回声效果模拟的软件工具。 Echo Mirage 3.1版本存在缓冲区错误漏洞,该漏洞源于对Rules操作字段的输入验证不足,可能导致栈缓冲区溢出和执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Sourceforge | Echo Mirage | 3.1 | - |
II. Public POCs for CVE-2019-25705
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-25705
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: Sourceforge
- CVE-2018-25251
Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket - CVE-2018-25209
OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter - CVE-2019-25632
phpFileManager 1.7.8 Local File Inclusion via index.php - CVE-2019-25575
SimplePress CMS 1.0.7 SQL Injection via p and s Parameters - CVE-2019-25539
202CMS v10 beta SQL Injection via register.php
V. Comments for CVE-2019-25705
No comments yet