CVE-2019-25584
Buffer Overflow in RarmaRadio 2.72.3 Causes Application Crash
Publication date: 2026-03-22
Last updated on: 2026-03-24
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| raimersoft | rarmaradio | 2.72.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25584 is a buffer overflow vulnerability in RarmaRadio version 2.72.3. It occurs in the Server field of the Network settings, where local attackers can input an excessively long stringβover 4000 bytesβcausing the application to write data out of its intended bounds.
This out-of-bounds write leads to a crash of the application, effectively causing a denial of service condition.
How can this vulnerability impact me? :
The primary impact of this vulnerability is a denial of service (DoS). An attacker with local access can crash the RarmaRadio application by supplying a maliciously long string in the Server field.
This crash disrupts the normal operation of the application, potentially causing loss of service or interruption for the user.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the crash condition in the RarmaRadio application. Specifically, a proof-of-concept involves creating a text file containing 4000 'A' characters, copying this content to the clipboard, and pasting it into the Server field under Edit > Settings > Network in RarmaRadio version 2.72.3. Confirming the input by selecting OK will cause the application to crash if vulnerable."}, {'type': 'list_item', 'content': 'Create a text file named \'rarma_ser.txt\' with 4000 \'A\' characters (e.g., using a command like `python -c "print(\'A\'*4000)" > rarma_ser.txt`).'}, {'type': 'list_item', 'content': "Copy the contents of 'rarma_ser.txt' to the clipboard."}, {'type': 'list_item', 'content': 'Open RarmaRadio, navigate to Edit > Settings > Network, and paste the clipboard content into the Server field.'}, {'type': 'list_item', 'content': 'Click OK and observe if the application crashes, indicating the presence of the vulnerability.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the input of excessively long strings (over 4000 bytes) into the Server field of the Network settings in RarmaRadio version 2.72.3. Since the vulnerability requires local access, restricting user permissions and access to the application settings can reduce risk.
Additionally, monitor for updates or patches from the vendor and apply them as soon as they become available to address this buffer overflow vulnerability.