Description
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.
Published: 2026-03-24
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Code Execution
Action: Immediate Patch
AI Analysis

Impact

River Past Cam Do 3.7.6 includes a local buffer overflow in the activation code input field, allowing local attackers to supply a malicious string that overflows a fixed‑size buffer and redirects execution to attacker‑provided shellcode. The exploit requires the attacker to interact with the activation dialog, providing a payload of 608 bytes followed by shellcode and overwritten SEH values, resulting in arbitrary code execution with the privileges of the running process.

Affected Systems

Flexhex River Past Cam Do version 3.7.6 is vulnerable to the described buffer overflow; any installation of this version must be patched, updated, or removed to prevent exploitation.

Risk and Exploitability

The CVSS score of 8.6 denotes high severity, while no EPSS data and no KEV listing mean the exploit probability is unknown. The vulnerability is local in nature, requiring attacker presence on the machine and interaction with the activation dialog, so the attack vector is local with a substantial potential impact if exploited.

Generated by OpenCVE AI on March 24, 2026 at 12:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s patch or upgrade to a version newer than 3.7.6 that fixes the buffer overflow.
  • If no patch is available, uninstall or prevent the application from running, especially on accounts with administrative privileges.
  • Restrict or disable user accounts that can launch the vulnerable program to reduce exposure.
  • Monitor system logs for unexpected activation dialog activity or abnormal SEH chain changes that may indicate an attempted exploitation.

Advisories

No advisories yet.

History

Thu, 26 Mar 2026 13:15:00 +0000

Type | Values Removed | Values Added
--- | --- | ---
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 25 Mar 2026 12:00:00 +0000

Type | Values Removed | Values Added
--- | --- | ---
First Time appeared | | Flexhex; Flexhex river Past Cam Do
Vendors & Products | | Flexhex; Flexhex river Past Cam Do

Tue, 24 Mar 2026 11:45:00 +0000

Type | Values Removed | Values Added
--- | --- | ---
Description | | River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.
Title | | River Past Cam Do 3.7.6 Local Buffer Overflow in Activation Code
Weaknesses | | CWE-434
References | |
Metrics | | cvssV3_1 {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Flexhex River Past Cam Do
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-26T12:38:04.674Z

Reserved: 2026-03-24T10:59:35.100Z

Link: CVE-2019-25626

Vulnrichment

Updated: 2026-03-26T12:37:59.837Z

NVD

Status: Awaiting Analysis

Published: 2026-03-24T12:16:02.230

Modified: 2026-03-24T15:53:48.067

Link: CVE-2019-25626

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T20:39:44Z

Weaknesses