CVE-2018-25258
Stack-Based Buffer Overflow in RGui 3.5.0 Enables Code Execution
Publication date: 2026-04-12
Last updated on: 2026-04-12
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| r_project | rgui | to 3.5.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2018-25258 is a local buffer overflow vulnerability found in RGui version 3.5.0, specifically in the GUI preferences dialog's "Language for menus and messages" field.
An attacker can input malicious data into this field to trigger a stack-based buffer overflow, which allows exploitation of Structured Exception Handling (SEH) to bypass Data Execution Prevention (DEP) protections.
The exploit involves executing a Return-Oriented Programming (ROP) chain that calls VirtualAlloc to allocate executable memory, ultimately enabling arbitrary code execution on the affected system.
How can this vulnerability impact me? :
This vulnerability allows an attacker with local access to execute arbitrary code on the affected system without requiring privileges or user interaction.
Successful exploitation can lead to a complete compromise of confidentiality, integrity, and availability of the system running RGui 3.5.0.
- Arbitrary code execution
- Bypassing DEP protections
- Potential local privilege escalation or system compromise
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a local buffer overflow in RGui 3.5.0 affecting the GUI preferences dialog, specifically the "Language for menus and messages" field. Detection involves checking if the vulnerable version of RGui (3.5.0 or earlier) is installed on the system.
Since this is a local vulnerability, network detection is not applicable. On the system, you can verify the installed RGui version by running the following command in R or a command prompt:
- In R console: `R.version.string` or `version`
- On Windows command prompt, check the file properties of RGui.exe or run: `wmic datafile where name="C:\\Program Files\\R\\R-3.5.0\\bin\\x64\\Rgui.exe" get Version` (adjust path as needed)
If version 3.5.0 or earlier is present, the system is vulnerable. Additionally, monitoring for unusual crashes or behavior when changing the "Language for menus and messages" setting in RGui could indicate exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade RGui to version 3.5.1 or later, where this vulnerability has been fixed.
Until the upgrade can be applied, avoid modifying the "Language for menus and messages" field in the GUI preferences dialog, as this is the vector for the buffer overflow.
Additionally, restrict local access to systems running vulnerable versions of RGui to trusted users only, since the exploit requires local access.
Consider monitoring for suspicious activity or crashes related to RGui and applying standard security best practices such as least privilege and application whitelisting.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.