CVE-2019-12788
HIGHPhotodex ProShow Producer 9.0.3797 - Out-of-bounds Write via Crafted File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2019-12788. PoCs published by Yonatan_Correa.
AI-analyzed exploit summary This exploit targets a local buffer overflow vulnerability in ProShow v9.0.3797 by crafting a malicious file to trigger a SEH overwrite, leading to arbitrary code execution via a bind shell payload.
Description
An issue was discovered in Photodex ProShow Producer v9.0.3797 (an application that runs with Administrator privileges). It is possible to perform a buffer overflow via a crafted file.
Exploits (1)
exploitdb
WORKING POC
by Yonatan_Correa · pythonlocalwindows
https://www.exploit-db.com/exploits/46980
This exploit targets a local buffer overflow vulnerability in ProShow v9.0.3797 by crafting a malicious file to trigger a SEH overwrite, leading to arbitrary code execution via a bind shell payload.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
ProShow Producer v9.0.3797
No auth needed
Prerequisites:
Local access to the target system · ProShow Producer v9.0.3797 installed
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://risataim.blogspot.com/2019/06/exploit-local-para-proshow.html
Third Party Advisory x_refsource_misc
https://github.com/risataimpt/Archivos_del_Blog/tree/master/Proshow
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/153249/ProShow-9.0.3797-Privilege-Escalation.html
Scores
CVSS v3
7.8
EPSS
0.0445
EPSS Percentile
90.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
photodex/proshow_producer
9.0.3797
Published
Jun 10, 2019
Tracked Since
Feb 18, 2026