CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-25362

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the license name and license code fields. Attackers can craft a malicious payload of 6000 bytes to trigger a bind shell on port 4444 by exploiting a stack-based buffer overflow in the application's input handling.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.7%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.alloksoft.com/
https://www.alloksoft.com/wmv.htm
https://www.exploit-db.com/exploits/47563
https://www.exploit-db.com/exploits/47568
https://www.vulncheck.com/advisories/wmv-to-avi-mpeg-dvd-wmv-convertor-buffer-overflow

Products affected by CVE-2019-25362

Alloksoft » Wmv To Avi Mpeg Dvd Wmv Convertor » Version: 4.6.1217

cpe:2.3:a:alloksoft:wmv_to_avi_mpeg_dvd_wmv_convertor:4.6.1217

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-25362

Products

Pricing

Contact Us