CVE-2019-25616

MEDIUM

AnMing MP3 CD Burner 2.0 Local Denial of Service

Title source: cna

Description

AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition.

Exploits (1)

exploitdb WORKING POC

by Achilles · pythondoswindows

https://www.exploit-db.com/exploits/46754

View Code ZIP pw:eip

References (4)

[Exploit] https://www.exploit-db.com/exploits/46754

[Product] http://www.ddz1977.com/

[Product] https://files.downloadnow.com/s/software/10/56/16/74/anming_setup.zip?token=1556228877_063f2dc0aed064ee5d13374d8509661c&fileName=anming_setup.zip

[Third Party Advisory] https://www.vulncheck.com/advisories/anming-mp3-cd-burner-local-denial-of-service

Scores

CVSS v3 6.2

EPSS 0.0002

EPSS Percentile 4.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-434

Status published

Products (1)

Ddz1977/AnMing MP3 CD Burner 2.0

Published Mar 22, 2026

Tracked Since Mar 22, 2026