6.9
CVE-2019-25623
- EPSS 0.19%
- Veröffentlicht 23.03.2026 13:48:38
- Zuletzt bearbeitet 24.03.2026 14:19:57
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
LoginLuminance Studio 2.17 Denial of Service via Malformed Input
Luminance Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can create a text file with arbitrary character sequences and trigger the application to process the input, causing the application to become unresponsive or terminate abnormally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pixarra ≫ Luminance Studio Version2.17
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.081 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| disclosure@vulncheck.com | 6.9 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| disclosure@vulncheck.com | 6.2 | 2.5 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-641 Improper Restriction of Names for Files and Other Resources
The product constructs the name of a file or other resource using input from an upstream component, but it does not restrict or incorrectly restricts the resulting name.
http://www.pixarra.com/
https://www.exploit-db.com/exploits/46130
http://www.pixarra.com/uploads/9/4/6/3/94635436/tbluminancestudio_install.exe
https://www.vulncheck.com/advisories/luminance-studio-denial-of-service-via-malformed-input