{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25603", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-22T13:05:10.167Z", "datePublished": "2026-03-22T13:38:39.004Z", "dateUpdated": "2026-03-25T13:40:10.077Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:39.004Z"}, "datePublic": "2019-06-19T00:00:00.000Z", "title": "TuneClone 2.20 Structured Exception Handler Buffer Overflow", "descriptions": [{"lang": "en", "value": "TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "TuneClone", "product": "TuneClone", "versions": [{"version": "2.20", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/47012", "name": "ExploitDB-47012", "tags": ["exploit"]}, {"url": "http://www.tuneclone.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.tuneclone.com/tuneclone_setup.exe", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: TuneClone 2.20 Structured Exception Handler Buffer Overflow", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/tuneclone-structured-exception-handler-buffer-overflow"}], "credits": [{"lang": "en", "value": "Achilles", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T13:39:29.623978Z", "id": "CVE-2019-25603", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T13:40:10.077Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25603", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-25T13:39:29.623978Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T13:40:04.906Z"}}], "cna": {"title": "TuneClone 2.20 Structured Exception Handler Buffer Overflow", "credits": [{"lang": "en", "type": "finder", "value": "Achilles"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "TuneClone", "product": "TuneClone", "versions": [{"status": "affected", "version": "2.20"}]}], "datePublic": "2019-06-19T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/47012", "name": "ExploitDB-47012", "tags": ["exploit"]}, {"url": "http://www.tuneclone.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.tuneclone.com/tuneclone_setup.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/tuneclone-structured-exception-handler-buffer-overflow", "name": "VulnCheck Advisory: TuneClone 2.20 Structured Exception Handler Buffer Overflow", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:39.004Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25603", "state": "PUBLISHED", "dateUpdated": "2026-03-25T13:40:10.077Z", "dateReserved": "2026-03-22T13:05:10.167Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-22T13:38:39.004Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell."}, {"lang": "es", "value": "TuneClone 2.20 contiene una vulnerabilidad de desbordamiento de b\u00fafer en el gestor de excepciones estructuradas (SEH) que permite a atacantes locales ejecutar c\u00f3digo arbitrario al proporcionar una cadena de c\u00f3digo de licencia maliciosa. Los atacantes pueden elaborar una carga \u00fatil con un b\u00fafer controlado, una instrucci\u00f3n de salto NSEH y una direcci\u00f3n de gestor SEH que apunte a un gadget ROP, luego pegarla en el campo de c\u00f3digo de licencia para desencadenar la ejecuci\u00f3n de c\u00f3digo y establecer un bind shell."}], "id": "CVE-2019-25603", "lastModified": "2026-04-16T16:19:50.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-22T14:16:27.893", "references": [{"source": "disclosure@vulncheck.com", "url": "http://www.tuneclone.com/"}, {"source": "disclosure@vulncheck.com", "url": "http://www.tuneclone.com/tuneclone_setup.exe"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/47012"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/tuneclone-structured-exception-handler-buffer-overflow"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.20"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "TuneClone", "source": "cna", "vendor": "TuneClone"}, "product": "tuneclone", "vendor": "tuneclone"}], "analysis": {"en": {"generated_at": "2026-03-22T15:05:52.109175+00:00", "value": {"mitigation_remediation": ["Verify whether a newer version of TuneClone is available and upgrade if possible.", "If no patch exists, restrict write and execute permissions on the TuneClone binary and its installation directory.", "Disable or remove the ability for non\u2011trusted users to enter custom license codes where feasible.", "Monitor application logs for abnormal license entries or repeated crashes.", "Implement application whitelisting or antivirus signatures that detect the known exploit payload."], "summary": {"action": "Patch", "impact": "Local code execution"}, "threat_synthesis": {"affected_systems": "The flaw affects the TuneClone application. Only the 2.20 build distributed by TuneClone is known to contain the legacy SEH handler code that triggers the overflow. No other versions or additional vendors were identified in the CNA data.", "description_and_impact": "A buffer overflow occurs in the SEH processing of the license code field in TuneClone version 2.20. When an attacker supplies a malicious license string that contains a full stack buffer, an NSEH jump instruction and an SEH handler address pointing to a return\u2011oriented\u2011programming gadget, the overflow corrupts the exception chain and allows execution of arbitrary code. The vulnerability is limited to the TuneClone process, but the code runs with the same privileges as the user who supplies the license, providing local code execution.", "risk_and_exploitability": "The CVSS score of 8.6 indicates a high severity risk. No EPSS score is available and the flaw is not listed in the CISA Known Exploited Vulnerabilities catalog. Attackers must have local access to the target machine to supply the crafted license string, meaning the exploitation path requires a user session or some form of remote foothold that enables local input. The existence of publicly available exploits and a known ROP gadget sequence suggests that skilled adversaries can manually construct a payload. Because execution occurs with the caller\u2019s privileges, the vulnerability can be used for local privilege escalation or to run malware within the TuneClone process."}}}}, "created": "2026-03-23T09:46:16.617618+00:00", "updated": "2026-03-25T14:46:13.911894+00:00", "vendors": ["tuneclone", "tuneclone$PRODUCT$tuneclone"]}