Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
ChaosPro 2.0: Malicious Configuration Files Can Execute Arbitrary Code
CVE-2019-25365
Summary
If you use ChaosPro 2.0, an attacker can create a special configuration file that could let them take control of your Windows XP computer. This could happen if you open the file or if someone tricks you into opening it. To stay safe, update to the latest version of ChaosPro or stop using it altogether.
Original title
ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attack...
Original description
ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to overwrite memory and gain remote code execution on vulnerable Windows XP systems.
nvd CVSS3.1
9.8
nvd CVSS4.0
8.4
Vulnerability type
CWE-121
Stack-based Buffer Overflow
Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026