CVE-2019-25617
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-03-22

Last updated on: 2026-03-23

Assigner: VulnCheck

Description
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter interface to trigger an application crash.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-22
Last Modified
2026-03-23
Generated
2026-06-16
AI Q&A
2026-03-22
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25617
EUVD
EUVD-2019-19975
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-226 The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by identifying if Ease Audio Converter version 5.30 is installed and if the Audio Cutter function is used to process MP4 files. Specifically, detection involves checking for the presence of malformed or specially crafted MP4 files that contain oversized buffers which can cause the application to crash.

A practical approach to detection is to attempt to reproduce the crash by loading suspicious MP4 files through the Audio Cutter interface of Ease Audio Converter 5.30.

Commands or steps to detect the vulnerability include:

  • Run a script or tool that generates a crafted MP4 file with an oversized buffer (for example, a Python script that creates an MP4 file containing a large buffer of repeated characters).
  • Open Ease Audio Converter 5.30.
  • Select the Audio Cutter function.
  • Load the crafted MP4 file.
  • Observe if the application crashes upon processing the file, indicating the presence of the vulnerability.
Mitigation Strategies

To mitigate this vulnerability immediately, avoid processing untrusted or malformed MP4 files through the Audio Cutter function of Ease Audio Converter version 5.30.

If possible, restrict local user access to the application or disable the Audio Cutter feature until a patch or updated version is available.

Monitor and validate all MP4 files before loading them into the application to ensure they do not contain oversized buffers or malformed data.

Consider using alternative audio conversion tools that do not have this vulnerability.

Executive Summary

CVE-2019-25617 is a denial of service (DoS) vulnerability found in Ease Audio Converter version 5.30, specifically in its Audio Cutter function.

The vulnerability occurs when a local attacker processes a specially crafted MP4 file containing an oversized buffer through the Audio Cutter interface. This malformed MP4 file causes the application to crash due to improper handling of the oversized buffer.

The crash results from resource misuse or failure triggered by the malformed input, leading to denial of service by making the application unavailable.

Impact Analysis

This vulnerability can impact you by causing the Ease Audio Converter application to crash when processing a maliciously crafted MP4 file.

An attacker with local access can exploit this flaw to trigger a denial of service condition, disrupting normal operation of the software and preventing legitimate use of the Audio Cutter function.

The impact is limited to availability, as the vulnerability does not allow for remote code execution, privilege escalation, or data compromise.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25617. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart