CVE-2019-25667

Exploit

EPSS 0.02%
Veröffentlicht 05.04.2026 20:45:21
Zuletzt bearbeitet 20.04.2026 18:04:26
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to registration fields. Attackers can paste excessively long strings into the New User Name or New Serial Number textboxes in the Help menu's registration dialog to trigger a denial of service condition.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iarsn ≫ Taskinfo Version <= 8.2.0.280

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.033

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
disclosure@vulncheck.com	6.9	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.exploit-db.com/exploits/46314

Exploit

VDB Entry

http://www.iarsn.com/

Product

https://www.vulncheck.com/advisories/taskinfo-denial-of-service-buffer-overflow

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-25667

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-25667

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-25667

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2019-25667