CVE-2019-25358

Name of the Vulnerable Software and Affected Versions FileOptimizer version 14.00.2524

Description FileOptimizer version 14.00.2524 is subject to a denial of service condition. An attacker can cause the application to crash by manipulating the FileOptimizer32.ini configuration file. Specifically, the attacker overwrites the TempDirectory parameter with a 5000-character buffer, leading to a crash when opening options.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict write access to the FileOptimizer32.ini configuration file.