{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25705", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-05T15:39:09.009Z", "datePublished": "2026-04-12T12:28:51.242Z", "dateUpdated": "2026-04-12T12:28:51.242Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-12T12:28:51.242Z"}, "datePublic": "2019-01-21T00:00:00.000Z", "title": "Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field", "descriptions": [{"lang": "en", "value": "Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries and paste it into the action field through the Rules dialog to trigger the overflow and overwrite the return address."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Sourceforge", "product": "Echo Mirage", "versions": [{"version": "3.1", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46216", "name": "ExploitDB-46216", "tags": ["exploit"]}, {"url": "http://initd.sh/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://sourceforge.net/projects/echomirage.oldbutgold.p/", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/echo-mirage-stack-buffer-overflow-via-rules-action-field"}], "credits": [{"lang": "en", "value": "InitD Community", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries and paste it into the action field through the Rules dialog to trigger the overflow and overwrite the return address."}], "id": "CVE-2019-25705", "lastModified": "2026-04-12T13:16:33.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-12T13:16:33.303", "references": [{"source": "disclosure@vulncheck.com", "url": "http://initd.sh/"}, {"source": "disclosure@vulncheck.com", "url": "https://sourceforge.net/projects/echomirage.oldbutgold.p/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46216"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/echo-mirage-stack-buffer-overflow-via-rules-action-field"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Echo Mirage", "source": "cna", "vendor": "Sourceforge"}, "product": "echo_mirage", "vendor": "sourceforge"}], "analysis": {"en": {"generated_at": "2026-04-12T13:51:38.629636+00:00", "value": {"mitigation_remediation": ["Apply any available patch or upgrade to a newer Echo Mirage release.", "If no patch exists, remove or disable the Echo Mirage application from the system.", "Restrict local user accounts that can run Echo Mirage by adjusting permissions or implementing role\u2011based controls.", "Monitor system logs and application activity for signs of abnormal behavior that may indicate exploitation attempts."], "summary": {"action": "Immediate Patch", "impact": "Local code execution"}, "threat_synthesis": {"affected_systems": "The affected product is Echo Mirage 3.1 from Sourceforge. All installations of this version are vulnerable, as the CNA data does not restrict the vulnerability to a narrower set of releases. Any system running Echo Mirage 3.1 and allowing local users to interact with the Rules dialog is at risk.", "description_and_impact": "Echo Mirage 3.1 contains a stack buffer overflow that allows a local attacker to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. The flaw permits overwriting a return address, enabling the attacker to run malicious code under the application's privileges. This vulnerability is classified as CWE\u2011787, a typical stack\u2011based buffer overflow, and can lead to full compromise of the machine on which Echo Mirage runs.", "risk_and_exploitability": "The CVSS score of 8.6 indicates a high severity vulnerability. No EPSS score is available and the issue is not listed in the CISA KEV catalog, but the exploitation only requires local access. The likely attack vector is a local user who can create a malicious text file, copy its contents into the Rules action field via the dialog, and trigger the buffer overflow to overwrite the return address. Once the overflow executes, the attacker gains control over the application process and potentially the entire system."}}}}, "created": "2026-04-13T12:41:14.487425+00:00", "updated": "2026-04-13T12:55:52.614161+00:00", "vendors": ["sourceforge", "sourceforge$PRODUCT$echo_mirage"]}