CVE-2019-25556
Buffer Overflow in TwistedBrush Pro Studio Causes DoS Crash
Publication date: 2026-03-21
Last updated on: 2026-03-24
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pixarra | twistedbrush_pro_studio | 24.06 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2019-25556 is a denial of service vulnerability in TwistedBrush Pro Studio version 24.06 and earlier. It occurs in the Resize Image function, where local attackers can cause the application to crash by supplying an excessively long input buffer.'}, {'type': 'paragraph', 'content': 'Specifically, by pasting a maliciously long string into the "New Width" or "New Height" fields, a buffer overflow (out-of-bounds write) is triggered, which causes the application to terminate unexpectedly.'}] [1, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by causing the TwistedBrush Pro Studio application to crash, resulting in a denial of service condition.
An attacker with local access can disrupt your ability to use the software by triggering this crash, but the vulnerability does not allow for code execution or data breaches.
The impact is limited to availability, meaning the software becomes unusable until restarted.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the denial of service condition locally on the affected system. Specifically, a proof-of-concept involves creating a large input buffer (e.g., 1000 'A' characters) and pasting it into the 'New Width' or 'New Height' fields in the 'Resize Image...' dialog of TwistedBrush Pro Studio version 24.06."}, {'type': 'paragraph', 'content': 'The detection steps include running a Python script to generate a file containing the large buffer, copying its contents to the clipboard, opening the application, navigating to Image > Resize Image..., pasting the buffer into the dimension input field, and confirming the action to see if the application crashes.'}, {'type': 'list_item', 'content': 'Run the provided Python script "TwistedBrush_resize.py" to generate a file "PoC.txt" with 1000 \'A\' characters.'}, {'type': 'list_item', 'content': 'Copy the contents of "PoC.txt" to the clipboard.'}, {'type': 'list_item', 'content': 'Open TwistedBrush Pro Studio 24.06.'}, {'type': 'list_item', 'content': 'Navigate to Image > Resize Image...'}, {'type': 'list_item', 'content': "Paste the clipboard contents into the 'New Width' or 'New Height' field."}, {'type': 'list_item', 'content': 'Click OK and observe if the application crashes, indicating the vulnerability.'}] [3]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': "Immediate mitigation steps include avoiding the use of the 'Resize Image' function with untrusted or excessively long input values in the 'New Width' or 'New Height' fields to prevent triggering the buffer overflow."}, {'type': 'paragraph', 'content': 'Since the vulnerability requires local access and user interaction to trigger, restricting access to the application and educating users about not pasting suspiciously long inputs can reduce risk.'}, {'type': 'paragraph', 'content': 'Additionally, monitoring for application crashes and applying any available patches or updates from the vendor when released is recommended.'}] [1]