CVE-2019-25596

Name of the Vulnerable Software and Affected Versions SpotAuditor version 5.2.6

Description The software contains a denial of service issue in the registration dialog. Local attackers can cause the application to crash by providing an excessively long string in the Name field. Specifically, pasting a buffer of 300 repeated characters into the Name input during registration triggers an application crash.

Recommendations SpotAuditor version 5.2.6: Limit the length of the input accepted in the Name field during registration to prevent excessively long strings.