CVE-2019-25561
Buffer Overflow in Lyric Maker 2.0.1.0 Causes DoS Crash
Publication date: 2026-03-21
Last updated on: 2026-04-16
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jetaudio | lyric_maker | 2.0.1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25561 is a buffer overflow vulnerability in Lyric Maker version 2.0.1.0. It occurs when a local attacker inputs an excessively long stringβspecifically, a 5000-byte bufferβinto the Title field of the application.
This causes the application to crash when the file is saved, resulting in a denial of service condition. The vulnerability is due to improper input validation and buffer handling in the Title field.
How can this vulnerability impact me? :
This vulnerability can impact you by causing the Lyric Maker application to crash, leading to a denial of service (DoS) condition.
An attacker with local access can exploit this by pasting a very long string into the Title field and saving the file, which disrupts the normal operation of the software.
This means you could lose access to the application or experience interruptions while using it.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the crash condition on the Lyric Maker 2.0.1.0 application. Specifically, a local test involves inputting an excessively long string of 5000 bytes into the Title field and observing if the application crashes upon saving.'}, {'type': 'paragraph', 'content': 'A practical detection method is to use the provided proof-of-concept exploit which uses a Python script to generate a file containing a 5000-character buffer. The steps include running the script to create the file, copying its contents, pasting into the Title field of the application, and saving the file to trigger the crash.'}, {'type': 'list_item', 'content': 'Run the Python script "LyricMaker.py" to generate "LyricMaker.txt" with 5000 \'A\' characters.'}, {'type': 'list_item', 'content': 'Copy the contents of "LyricMaker.txt" to the clipboard.'}, {'type': 'list_item', 'content': 'Open Lyric Maker (JetLyric.exe).'}, {'type': 'list_item', 'content': 'Paste the clipboard content into the Title field.'}, {'type': 'list_item', 'content': 'Use the "Save Lyric..." option to save the file (e.g., as "sample.jlr").'}, {'type': 'paragraph', 'content': 'If the application crashes during this process, it confirms the presence of the buffer overflow vulnerability.'}] [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the vulnerable Lyric Maker 2.0.1.0 application or restricting access to it to trusted users only, since the vulnerability requires local access.
Do not input excessively long strings (such as 5000 bytes) into the Title field to prevent triggering the buffer overflow and crashing the application.
Monitor for updates or patches from the software vendor or consider upgrading to a newer, fixed version of the application if available.
If possible, implement application whitelisting or sandboxing to limit the impact of a crash or denial of service.