CVE-2019-25474

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Easy MP3 Downloader version 4.7.8.8

Description The software contains a buffer overflow issue that allows local attackers to cause a denial of service. An attacker can generate a file containing 6000 'A' characters and paste the contents into the Unlock Code field during application startup to trigger the condition.

Recommendations Apply a fix or update to a newer version of the software to address the buffer overflow issue. As a temporary workaround, avoid using excessively long input in the Unlock Code field during application startup.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-25474

Affected Products

Undefined

CVE-2019-25474

Weakness Enumeration

Related Identifiers

Affected Products

References · 5