CVE-2019-25467
Published: 11 March 2026
Summary
CVE-2019-25467 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Verypdf (inferred from references). Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 1.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2019-25467 is a structured exception handling buffer overflow vulnerability (CWE-787) in Verypdf docPrint Pro 8.0. The flaw occurs when processing oversized alphanumeric encoded payloads supplied in the User Password or Master Password fields during PDF encryption, enabling local attackers to execute arbitrary code.
Local attackers can exploit this vulnerability with low attack complexity and no privileges required (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, score 8.4). By crafting a malicious payload incorporating encoded shellcode and SEH chain manipulation, they can bypass protections and achieve arbitrary code execution, as demonstrated by a MessageBox proof-of-concept when the password fields are processed.
Advisories including the Vulncheck advisory on Verypdf docPrint Pro local SEH buffer overflow and an Exploit-DB entry (exploit 47394) document the issue and provide a proof-of-concept exploit. Vendor resources such as the Verypdf website and docPrint Pro setup download are referenced, with no patch details specified in the available information.
A public proof-of-concept exploit is available, indicating potential for real-world local exploitation on unpatched systems.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2019-19738
Vulnerability details
Verypdf docPrint Pro 8.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields. Attackers can craft a malicious…
more
payload with encoded shellcode and SEH chain manipulation to bypass protections and execute a MessageBox proof-of-concept when the password fields are processed during PDF encryption.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local SEH buffer overflow in client PDF software enables arbitrary code execution via crafted input to password fields, matching Exploitation for Client Execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the buffer overflow vulnerability in Verypdf docPrint Pro by applying patches, workarounds, or removing the flawed software component.
Implements memory safeguards like DEP and ASLR to prevent arbitrary code execution from the SEH buffer overflow exploit in password fields.
Enforces validation of oversized alphanumeric inputs to password fields during PDF encryption processing to block the buffer overflow trigger.