CVE-2019-25563
Received Received - Intake
Buffer Overflow in PCHelpWareV2 1.0.0.5 Causes DoS Crash

Publication date: 2026-03-21

Last updated on: 2026-03-24

Assigner: VulnCheck

Description
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the application to crash.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-21
Last Modified
2026-03-24
Generated
2026-05-07
AI Q&A
2026-03-21
EPSS Evaluated
2026-05-05
NVD
CVE-2019-25563
EUVD
EUVD-2019-19874
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
uvnc pchelpwarev2 1.0.0.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-226 The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

[{'type': 'paragraph', 'content': "CVE-2019-25563 is a denial of service vulnerability in PCHelpWareV2 version 1.0.0.5. It occurs when a local attacker uses the 'Create SC' feature to supply a specially crafted BMP image file containing an oversized buffer. This malformed image causes the application to crash due to improper handling of input data, specifically a buffer overflow condition."}] [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing a local attacker to crash the PCHelpWareV2 application, resulting in a denial of service. The attacker can disrupt the availability of the application by supplying a malformed BMP file during the SC creation process, causing the application to become unresponsive or stop working.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the crash condition on the PCHelpWareV2 application using a specially crafted BMP file with an oversized buffer.'}, {'type': 'list_item', 'content': 'Run the provided Python script "PCHelpWareV2_create_.py" to generate the crafted "exploit.bmp" file containing a large buffer of 10,000 "A" characters.'}, {'type': 'list_item', 'content': 'Open the PCHelpWareV2 Viewer application.'}, {'type': 'list_item', 'content': 'Navigate to Tools -> Create SC.'}, {'type': 'list_item', 'content': 'Use the Browse button to select the crafted "exploit.bmp" file.'}, {'type': 'list_item', 'content': 'Click the Create SC button and observe if the application crashes, indicating the presence of the vulnerability.'}] [1]


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart