CVE-2019-25609

HIGH

JetAudio jetCast Server 2.0 Local SEH Buffer Overflow

Title source: cna

Description

JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger an SEH exception handler and execute arbitrary code with application privileges.

Exploits (1)

exploitdb WORKING POC

by Connor McGarr · pythonlocalwindows

https://www.exploit-db.com/exploits/46854

View Code ZIP pw:eip

References (4)

[Exploit] https://www.exploit-db.com/exploits/46854

[Product] http://www.jetaudio.com/

[Product] http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/Download/jetCast/build/JCS2000.exe

[Third Party Advisory] https://www.vulncheck.com/advisories/jetaudio-jetcast-server-local-seh-buffer-overflow

Scores

CVSS v3 8.4

EPSS 0.0001

EPSS Percentile 0.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (1)

Jetaudio/Server 2.0

Published Mar 22, 2026

Tracked Since Mar 22, 2026