CVE-2019-25336
Buffer Overflow in SpotAuditor 5.3.2 Enables Code Execution
Publication date: 2026-02-12
Last updated on: 2026-02-20
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nsasoft | spotauditor | 5.3.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in SpotAuditor version 5.3.2 within its Base64 Encrypted Password tool. It is a local buffer overflow flaw that allows an attacker to execute arbitrary code on the affected system. The attacker achieves this by crafting a malicious Base64 encoded payload that triggers a Structured Exception Handler (SEH) overwrite, enabling the execution of shellcode.
How can this vulnerability impact me? :
The vulnerability can lead to an attacker executing arbitrary code on your system with potentially high impact. This means an attacker could gain control over the affected system, leading to data compromise, system instability, or further exploitation. Since the vulnerability involves a local buffer overflow, it requires local access but can result in severe consequences such as privilege escalation or system takeover.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know