CVE-2019-25467
Structured Exception Handling Buffer Overflow in Verypdf docPrint Pro
Publication date: 2026-03-11
Last updated on: 2026-03-11
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| verypdf | docprint_pro | 8.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25467 is a local structured exception handling (SEH) buffer overflow vulnerability in Verypdf docPrint Pro version 8.0 and earlier. It occurs when the software improperly handles oversized alphanumeric encoded payloads supplied in the User Password or Master Password fields during PDF encryption.
An attacker with local access can craft a malicious payload containing encoded shellcode and manipulate the SEH chain to bypass security protections. When the password fields are processed, this can lead to arbitrary code execution, as demonstrated by a proof-of-concept that triggers a MessageBox.
How can this vulnerability impact me?
This vulnerability allows a local attacker to execute arbitrary code on the affected system without requiring privileges or user interaction.
- Execution of arbitrary code can lead to full compromise of confidentiality, integrity, and availability of the system.
- Attackers can escalate privileges or run malicious payloads by exploiting the buffer overflow in the password handling mechanism.
- Successful exploitation can disrupt normal operations or allow unauthorized access to sensitive data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a local structured exception handling (SEH) buffer overflow in Verypdf docPrint Pro 8.0 that is triggered by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields during PDF encryption.
Detection involves identifying attempts to exploit this vulnerability by monitoring for unusual or oversized password inputs in the PDF encryption process of docPrint Pro 8.0.
Since the exploit is local and involves crafted payloads in password fields, network detection is limited. On the system, you can check for suspicious usage of docPrint Pro 8.0, especially processes invoking PDF encryption with abnormal password lengths.
No specific commands or signatures are provided in the available resources to detect this vulnerability automatically.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to systems running Verypdf docPrint Pro 8.0 to prevent untrusted users from exploiting the vulnerability.
Avoid using the User Password or Master Password fields for PDF encryption in docPrint Pro 8.0 until a patch or update is available.
Monitor and audit usage of docPrint Pro 8.0 for any suspicious activity related to PDF encryption.
Since no patch or update information is provided in the resources, consider contacting the vendor or checking official sources for updates or fixes.