CVE-2019-25656
Received Received - Intake

Local Buffer Overflow in R i386 3.5.0 GUI Enables Code Execution

Vulnerability report for CVE-2019-25656, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-05

Last updated on: 2026-04-05

Assigner: VulnCheck

Description

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler (SEH) overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records and achieve code execution with calculator or arbitrary shellcode.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-05
Last Modified
2026-04-05
Generated
2026-07-06
AI Q&A
2026-04-06
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in R i386 version 3.5.0 within the GUI Preferences dialog. It is a local buffer overflow vulnerability that allows local attackers to overwrite the structured exception handler (SEH) by providing malicious input.

Specifically, attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records, which can lead to arbitrary code execution, such as running a calculator or other shellcode.

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code on the affected system by exploiting the buffer overflow in the GUI Preferences dialog.

  • Potential impacts include unauthorized code execution.
  • Compromise of system integrity and confidentiality.
  • Possible disruption of availability if malicious payloads are used.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25656. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart