CVE-2019-25596

CVSS v3.1

6.2

Medium

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 repeated characters into the Name input during registration to trigger an application crash.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1287

Related Identifiers

CVE-2019-25596

Affected Products

Spotauditor

CVE-2019-25596

Weakness Enumeration

Related Identifiers

Affected Products

References · 4