CVE-2019-25701

EUVD-2019-20133
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and execute arbitrary code with user privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
http://www.divxtodvd.net/
http://www.divxtodvd.net/easy_video_to_ipod.exe
https://www.exploit-db.com/exploits/46255
https://www.vulncheck.com/advisories/easy-video-to-ipod-converter-local-buffer-overflow-seh