CVE-2019-25644
Buffer Overflow in WinMPG Video Convert Causes Local DoS
Publication date: 2026-03-24
Last updated on: 2026-04-21
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| direct-soft | winmpg_video_convert | to 9.3.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25644 is a buffer overflow vulnerability found in WinMPG Video Convert version 9.3.5 and earlier. It exists in the registration dialog where local attackers can input an oversized payloadβabout 6000 bytesβinto the Name and Registration Code fields. This causes an out-of-bounds write that crashes the application.
The vulnerability allows a local attacker to trigger a denial of service (DoS) condition by causing the application to crash through this buffer overflow.
How can this vulnerability impact me? :
This vulnerability impacts users by allowing local attackers to cause a denial of service condition. Specifically, by inputting an oversized string into the registration fields, the application crashes and becomes unresponsive or terminates unexpectedly.
There is no indication that this vulnerability allows privilege escalation or code execution, so the impact is limited to availability disruption of the WinMPG Video Convert application.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the buffer overflow condition locally on the system running WinMPG Video Convert 9.3.5 or earlier. Specifically, a payload of approximately 6000 bytes can be pasted into the "Name" and "Registration Code" fields in the registration dialog to trigger the denial of service.'}, {'type': 'paragraph', 'content': "A practical detection method involves using a Python script to generate a payload file containing 6000 'A' characters, then pasting this payload into the registration fields to observe if the application crashes."}, {'type': 'paragraph', 'content': 'There are no specific network commands since this is a local vulnerability, but the following steps can be used on the affected system:'}, {'type': 'list_item', 'content': "Run a Python script to create a file (e.g., Evil.txt) with 6000 'A' characters."}, {'type': 'list_item', 'content': 'Open WinMPG Video Convert (WinMPG.exe) and navigate to the registration dialog.'}, {'type': 'list_item', 'content': 'Paste the contents of Evil.txt into the "Name" and "Registration Code" fields.'}, {'type': 'list_item', 'content': 'Click the "Register" button and observe if the application crashes, indicating the presence of the vulnerability.'}] [4, 3]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'To mitigate this vulnerability immediately, avoid using WinMPG Video Convert version 9.3.5 or earlier, especially the registration dialog where oversized input can be supplied.'}, {'type': 'paragraph', 'content': 'Do not paste or input large payloads (around 6000 bytes) into the "Name" and "Registration Code" fields.'}, {'type': 'paragraph', 'content': 'If possible, uninstall or disable the affected software until a patched or updated version is available.'}, {'type': 'paragraph', 'content': 'Monitor for application crashes related to the registration dialog as an indicator of attempted exploitation.'}] [3, 4]