CVE-2019-25565

Description

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application.

References

• http://www.magiciso.com
• http://www.magiciso.com/Setup_MagicISO.exe
• https://www.exploit-db.com/exploits/46656
• https://www.vulncheck.com/advisories/magic-iso-maker-buffer-overflow-denial-of-service