CVE-2019-25622

EUVD-2019-19985
Paint Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the key entry mechanism. Attackers can create a text file with a large buffer of characters and trigger the application to read it, causing the application to crash and become unavailable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
VulnCheckCNA
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
pixarrapaint_studio
2.17
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.pixarra.com/
http://www.pixarra.com/uploads/9/4/6/3/94635436/tbpaintstudio_install.exe
https://www.exploit-db.com/exploits/46126
https://www.vulncheck.com/advisories/paint-studio-denial-of-service-via-malformed-input