CVE-2018-25258
Received Received - Intake
Stack-Based Buffer Overflow in RGui 3.5.0 Enables Code Execution

Publication date: 2026-04-12

Last updated on: 2026-04-12

Assigner: VulnCheck

Description
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based buffer overflow, execute a ROP chain for VirtualAlloc allocation, and achieve arbitrary code execution.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-12
Last Modified
2026-04-12
Generated
2026-06-16
AI Q&A
2026-04-12
EPSS Evaluated
2026-06-14
NVD
CVE-2018-25258
EUVD
EUVD-2018-21770
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
r_project rgui to 3.5.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2018-25258 is a local buffer overflow vulnerability found in RGui version 3.5.0, specifically in the GUI preferences dialog's "Language for menus and messages" field.

An attacker can input malicious data into this field to trigger a stack-based buffer overflow, which allows exploitation of Structured Exception Handling (SEH) to bypass Data Execution Prevention (DEP) protections.

The exploit involves executing a Return-Oriented Programming (ROP) chain that calls VirtualAlloc to allocate executable memory, ultimately enabling arbitrary code execution on the affected system.

Impact Analysis

This vulnerability allows an attacker with local access to execute arbitrary code on the affected system without requiring privileges or user interaction.

Successful exploitation can lead to a complete compromise of confidentiality, integrity, and availability of the system running RGui 3.5.0.

  • Arbitrary code execution
  • Bypassing DEP protections
  • Potential local privilege escalation or system compromise
Detection Guidance

This vulnerability is a local buffer overflow in RGui 3.5.0 affecting the GUI preferences dialog, specifically the "Language for menus and messages" field. Detection involves checking if the vulnerable version of RGui (3.5.0 or earlier) is installed on the system.

Since this is a local vulnerability, network detection is not applicable. On the system, you can verify the installed RGui version by running the following command in R or a command prompt:

  • In R console: `R.version.string` or `version`
  • On Windows command prompt, check the file properties of RGui.exe or run: `wmic datafile where name="C:\\Program Files\\R\\R-3.5.0\\bin\\x64\\Rgui.exe" get Version` (adjust path as needed)

If version 3.5.0 or earlier is present, the system is vulnerable. Additionally, monitoring for unusual crashes or behavior when changing the "Language for menus and messages" setting in RGui could indicate exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade RGui to version 3.5.1 or later, where this vulnerability has been fixed.

Until the upgrade can be applied, avoid modifying the "Language for menus and messages" field in the GUI preferences dialog, as this is the vector for the buffer overflow.

Additionally, restrict local access to systems running vulnerable versions of RGui to trusted users only, since the exploit requires local access.

Consider monitoring for suspicious activity or crashes related to RGui and applying standard security best practices such as least privilege and application whitelisting.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25258. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart