CVE-2019-25557

EUVD-2019-19862
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to trigger an application crash.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
VulnCheckCNA
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
pixarratwistedbrush_pro_studio
24.06
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.pixarra.com
https://www.exploit-db.com/exploits/46845
https://www.vulncheck.com/advisories/twistedbrush-pro-studio-denial-of-service-via-srp-file