Nsauditor · Spotie Internet Explorer Password Recovery · CVE-2019-25463
**Name of the Vulnerable Software and Affected Versions**
SpotIE Internet Explorer Password Recovery version 2.9.5
**Description**
SpotIE Internet Explorer Password Recovery version 2.9.5 has a denial of service issue in the registration key input field. Local attackers can cause the application to crash by providing an overly long string. Specifically, pasting a 256-character payload into the `Key` field during registration triggers a buffer overflow, leading to an application crash.
**Recommendations**
Update to a newer version of SpotIE Internet Explorer Password Recovery that addresses this issue.