CVE-2019-25565
Received Received - Intake
Buffer Overflow in Magic Iso Maker 5.5 Causes DoS Crash

Publication date: 2026-03-21

Last updated on: 2026-04-16

Assigner: VulnCheck

Description
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-21
Last Modified
2026-04-16
Generated
2026-06-16
AI Q&A
2026-03-21
EPSS Evaluated
2026-06-14
NVD
CVE-2019-25565
EUVD
EUVD-2019-19878
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
magiciso magic_iso_maker 5.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2019-25565 is a buffer overflow vulnerability in Magic Iso Maker version 5.5 build 281. It occurs in the Serial Code registration field, where the application does not properly handle an excessively large input.

Local attackers can exploit this by submitting a specially crafted input containing 5000 bytes of data into the Serial Code field during registration. This causes a buffer overflow that crashes the application, resulting in a denial of service.

Impact Analysis

This vulnerability can impact you by causing the Magic Iso Maker application to crash when an attacker submits an oversized input in the Serial Code registration field.

The primary impact is a denial of service (DoS), which disrupts the availability of the application and prevents legitimate users from using it.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the buffer overflow condition in the Magic Iso Maker 5.5 (build 281) application. A proof-of-concept exploit involves generating a file containing 5000 'A' characters and pasting its contents into the Serial Code registration field to see if the application crashes."}, {'type': 'list_item', 'content': "Run the provided Python script (MagicIso.py) to create a file named 'MagicIso.txt' containing the overflow payload."}, {'type': 'list_item', 'content': "Copy the contents of 'MagicIso.txt' to the clipboard."}, {'type': 'list_item', 'content': 'Launch MagicISO.exe and navigate to the registration section.'}, {'type': 'list_item', 'content': "Enter any username (e.g., 'Anonymous')."}, {'type': 'list_item', 'content': 'Paste the clipboard contents into the Serial Code field.'}, {'type': 'list_item', 'content': "Click the 'Register!' button and observe if the application crashes, indicating the vulnerability."}] [1]

Mitigation Strategies

Immediate mitigation steps include avoiding the use of the vulnerable Magic Iso Maker 5.5 (build 281) application or refraining from entering oversized input in the Serial Code registration field.

Since the vulnerability requires local access and input of an oversized serial code, restricting access to the application and educating users not to paste large or suspicious data into the Serial Code field can help prevent exploitation.

If possible, update to a patched or newer version of the software where this vulnerability is fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25565. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart