CVE-2019-25485

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.2 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H                                    

Vulnerability Description

R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler chain pivot and execute arbitrary shellcode with application privileges.

Vulnerability Details

Published Date

March 11, 2026

Last Modified

March 12, 2026

CWE ID

CWE-787

Source

NVD

Vendor

R-Project

Product

External References

https://www.exploit-db.com/exploits/47122
https://www.vulncheck.com/advisories/r-windows-x-buffer-overflow-seh-dep-aslr-bypass

CVE-2019-25485

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment