CVE-2019-25363 | THREATINT

Description

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to crash the application by providing an oversized license input. Attackers can generate a 6000-byte payload and paste it into the 'License Name and License Code' field to trigger an application crash.

PUBLISHED Reserved 2026-02-13 | Published 2026-02-18 | Updated 2026-02-19 | Assigner VulnCheck

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

Stack-based Buffer Overflow

Product status

4.6.1217

affected

Credits

Nithoshitha S finder

References

www.exploit-db.com/exploits/47563 (ExploitDB-47563) exploit

www.alloksoft.com/ (Vendor Homepage) product

web.archive.org/...8145533/https://www.alloksoft.com/wmv.htm (Archived Software Download Page) product

www.vulncheck.com/...peg-dvd-wmv-convertor-denial-of-service (VulnCheck Advisory: WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service) third-party-advisory

cve.org (CVE-2019-25363)

nvd.nist.gov (CVE-2019-25363)

Download JSON