Vulnerability Details CVE-2019-25559
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a crash when the OK button is clicked.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.6%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2019-25559
-
cpe:2.3:a:nsasoft:spotpaltalk:1.1.5