CVE-2019-25670
Published: 05 April 2026
Summary
CVE-2019-25670 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in River Past Video Cleaner Project River Past Video Cleaner. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 10.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2019-25670 is a structured exception handler buffer overflow vulnerability (CWE-787) affecting River Past Video Cleaner version 7.6.3, specifically in the Lame_enc.dll field. Published on 2026-04-05, it carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for complete system compromise through arbitrary code execution.
Local attackers can exploit the vulnerability by supplying a malicious string to the Lame_enc.dll field, crafting a payload with 280 bytes of padding, a next structured exception handler override, and shellcode. When the application processes this input, the buffer overflow is triggered, allowing the attacker to hijack the exception handling and execute the embedded shellcode with the privileges of the running process. No special privileges or user interaction are required beyond local access to the system.
References include the River Past Video Cleaner download page on Softonic, an Exploit-DB entry (46346) with a proof-of-concept exploit, and a VulnCheck advisory describing the buffer overflow via SEH. No patches or specific mitigations are detailed in the available information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2019-20075
Vulnerability details
River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc.dll field. Attackers can craft a payload with 280 bytes of padding,…
more
a next structured exception handler override, and shellcode to trigger code execution when the application processes the input.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local buffer overflow in client application (River Past Video Cleaner) directly enables arbitrary code execution via crafted input and SEH overwrite, matching Exploitation for Client Execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires identifying, reporting, and correcting the buffer overflow flaw in River Past Video Cleaner, preventing exploitation through patching or software removal.
Implements memory safeguards such as DEP, ASLR, and SEH protections that block arbitrary code execution from SEH buffer overflows even if the flaw exists.
Mandates validation of malicious strings supplied to the Lame_enc.dll field to block oversized payloads that trigger the buffer overflow.