Summaryinfo

A vulnerability was found in Aida64 Business up to 5.99.4900. It has been declared as critical. The impacted element is an unknown function. The manipulation of the argument SMTP display name results in out-of-bounds write. This vulnerability is reported as CVE-2019-25631. The attack requires a local approach. Moreover, an exploit is present.

Detailsinfo

A vulnerability, which was classified as critical, was found in Aida64 Business up to 5.99.4900. Affected is some unknown processing. The manipulation of the argument SMTP display name with an unknown input leads to a out-of-bounds write vulnerability. CWE is classifying the issue as CWE-787. The product writes data past the end, or before the beginning, of the intended buffer. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences or report wizard functionality to trigger the overflow and execute code with application privileges.

The weakness was disclosed by Peyman Forouzan # as 46639. The advisory is available at exploit-db.com. This vulnerability is traded as CVE-2019-25631 since 03/24/2026. The exploitability is told to be easy. Local access is required to approach this attack. Technical details and a public exploit are known.

The exploit is shared for download at exploit-db.com. It is declared as proof-of-concept.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The vulnerability is also documented in the vulnerability database at Exploit-DB (46639). VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• Aida64

Name

• Business

Version

• 5.0
• 5.1
• 5.2
• 5.3
• 5.4
• 5.5
• 5.6
• 5.7
• 5.8
• 5.9
• 5.10
• 5.11
• 5.12
• 5.13
• 5.14
• 5.15
• 5.16
• 5.17
• 5.18
• 5.19
• 5.20
• 5.21
• 5.22
• 5.23
• 5.24
• 5.25
• 5.26
• 5.27
• 5.28
• 5.29
• 5.30
• 5.31
• 5.32
• 5.33
• 5.34
• 5.35
• 5.36
• 5.37
• 5.38
• 5.39
• 5.40
• 5.41
• 5.42
• 5.43
• 5.44
• 5.45
• 5.46
• 5.47
• 5.48
• 5.49
• 5.50
• 5.51
• 5.52
• 5.53
• 5.54
• 5.55
• 5.56
• 5.57
• 5.58
• 5.59
• 5.60
• 5.61
• 5.62
• 5.63
• 5.64
• 5.65
• 5.66
• 5.67
• 5.68
• 5.69
• 5.70
• 5.71
• 5.72
• 5.73
• 5.74
• 5.75
• 5.76
• 5.77
• 5.78
• 5.79
• 5.80
• 5.81
• 5.82
• 5.83
• 5.84
• 5.85
• 5.86
• 5.87
• 5.88
• 5.89
• 5.90
• 5.91
• 5.92
• 5.93
• 5.94
• 5.95
• 5.96
• 5.97
• 5.98
• 5.99.4900

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion