CVE-2019-25657
Received Received - Intake

Denial of Service in AnyBurn 4.3 Image Conversion Function

Vulnerability report for CVE-2019-25657, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-05

Last updated on: 2026-04-20

Assigner: VulnCheck

Description

AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can paste a large buffer into the source or destination image file fields and click Convert Now to trigger a crash.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-05
Last Modified
2026-04-20
Generated
2026-07-06
AI Q&A
2026-04-06
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
anyburn anyburn to 4.3 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-226 The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in AnyBurn 4.3 x86 and is a denial of service issue. It allows local attackers to crash the application by providing an excessively long string to the image conversion function.

Specifically, an attacker can paste a large buffer into either the source or destination image file fields and then click the Convert Now button, which triggers the application to crash.

Impact Analysis

The impact of this vulnerability is a denial of service condition where the AnyBurn application crashes when processing an excessively long string in the image conversion function.

This means that legitimate users may be unable to use the image conversion feature while the application is crashed, potentially disrupting workflows that depend on this functionality.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25657. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart