CVE-2019-25469
Received Received - Intake
Buffer Overflow in Folder Lock 7.7.9 Causes Local DoS

Publication date: 2026-03-11

Last updated on: 2026-03-11

Assigner: VulnCheck

Description
Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field to trigger a denial of service condition.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-11
Last Modified
2026-03-11
Generated
2026-06-16
AI Q&A
2026-03-11
EPSS Evaluated
2026-06-14
NVD
CVE-2019-25469
EUVD
EUVD-2019-19742
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
folder_lock folder_lock 7.7.9
folder_lock folder_lock to 7.7.9 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2019-25469 is a buffer overflow vulnerability in Folder Lock version 7.7.9. It occurs in the serial number registration field where local attackers can input an oversized payload, specifically a 6000-byte buffer of arbitrary data, causing the application to crash.'}, {'type': 'paragraph', 'content': "The vulnerability is triggered by pasting a very large string into the 'Serial Number and Registration Key' field, which overflows the buffer and leads to a denial of service condition."}] [1, 2]

Impact Analysis

This vulnerability can cause Folder Lock to crash, resulting in a denial of service (DoS) condition. An attacker with local access can exploit this by submitting a large payload to the serial number registration field, making the application unresponsive or unusable.

Since the attack requires local access and no special privileges or user interaction, it mainly impacts availability of the application rather than confidentiality or integrity.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the buffer overflow condition in Folder Lock version 7.7.9. The detection involves creating a specially crafted payload of 6000 characters and pasting it into the 'Serial Number and Registration Key' field of the application to observe if it crashes."}, {'type': 'list_item', 'content': "Run the provided Python script (Folder_Lock.py) from the exploit to generate a file named 'Evil.txt' containing 6000 'A' characters."}, {'type': 'list_item', 'content': "Open 'Evil.txt' and copy its contents to the clipboard."}, {'type': 'list_item', 'content': "Launch Folder Lock and navigate to the 'Enter Key' section."}, {'type': 'list_item', 'content': "Paste the copied content into the 'Serial Number and Registration Key' input field."}, {'type': 'list_item', 'content': "Click 'Submit' and observe if the application crashes, indicating the presence of the vulnerability."}] [1]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25469. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart