CVE-2019-25558
Received Received - Intake
Buffer Overflow in Selfie Studio 2.17 Causes Denial of Service

Publication date: 2026-03-21

Last updated on: 2026-04-16

Assigner: VulnCheck

Description
Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a large string of characters into the New Width or New Height field to trigger a buffer overflow that crashes the application.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-21
Last Modified
2026-04-16
Generated
2026-06-16
AI Q&A
2026-03-21
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25558
EUVD
EUVD-2019-19864
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pixarra selfie_studio 2.17
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2019-25558 is a denial of service vulnerability in Selfie Studio version 2.17. It occurs in the Resize Image function where local attackers can crash the application by supplying an excessively long input string in the 'New Width' or 'New Height' fields."}, {'type': 'paragraph', 'content': 'This input triggers a buffer overflow due to an out-of-bounds write, causing the application to become unstable and crash.'}] [1, 2]

Impact Analysis

The vulnerability allows a local attacker to cause a denial of service by crashing the Selfie Studio application.

This crash results from a buffer overflow triggered by an excessively long input in the Resize Image function, leading to application instability and interruption of service.

No remote exploitation or code execution is indicated, so the impact is limited to local denial of service.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the denial of service condition locally on the system running Selfie Studio 2.17. Specifically, you can test the Resize Image function by pasting an excessively long string into the 'New Width' or 'New Height' fields to see if the application crashes due to a buffer overflow."}, {'type': 'paragraph', 'content': 'A proof-of-concept method involves running a Python script that generates a large buffer string, copying it to the clipboard, and then pasting it into the Resize Image dialog in the application.'}, {'type': 'list_item', 'content': 'Run the Python script "Selfie_resize.py" which creates a file "PoC.txt" containing 1000 \'A\' characters.'}, {'type': 'list_item', 'content': 'Copy the contents of "PoC.txt" to the clipboard.'}, {'type': 'list_item', 'content': "Open Selfie Studio, go to 'Image' > 'Resize Image...'."}, {'type': 'list_item', 'content': "Paste the buffer string into the 'New Width' or 'New Height' field."}, {'type': 'list_item', 'content': 'Click OK and observe if the application crashes, indicating the vulnerability.'}] [1]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25558. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart