CVE-2019-25656
Received Received - Intake
Local Buffer Overflow in R i386 3.5.0 GUI Enables Code Execution

Publication date: 2026-04-05

Last updated on: 2026-04-05

Assigner: VulnCheck

Description
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler (SEH) overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records and achieve code execution with calculator or arbitrary shellcode.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-05
Last Modified
2026-04-05
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25656
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in R i386 version 3.5.0 within the GUI Preferences dialog. It is a local buffer overflow vulnerability that allows local attackers to overwrite the structured exception handler (SEH) by providing malicious input.

Specifically, attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records, which can lead to arbitrary code execution, such as running a calculator or other shellcode.

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code on the affected system by exploiting the buffer overflow in the GUI Preferences dialog.

  • Potential impacts include unauthorized code execution.
  • Compromise of system integrity and confidentiality.
  • Possible disruption of availability if malicious payloads are used.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25656. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart