CVE-2019-25617

MEDIUM

Ease Audio Converter 5.30 Denial of Service via Audio Cutter

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25617. PoCs published by Achilles.

AI-analyzed exploit summary This exploit generates a malformed MP4 file with an oversized buffer (6000 bytes of 'A' characters) to trigger a denial-of-service (DoS) crash in Ease Audio Converter 5.30 when processed by the Audio Cutter function. The crash occurs due to improper handling of the file's metadata or buffer overflow.

Description

Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter interface to trigger an application crash.

Exploits (1)

exploitdb WORKING POC
by Achilles · pythondoswindows
https://www.exploit-db.com/exploits/46732

This exploit generates a malformed MP4 file with an oversized buffer (6000 bytes of 'A' characters) to trigger a denial-of-service (DoS) crash in Ease Audio Converter 5.30 when processed by the Audio Cutter function. The crash occurs due to improper handling of the file's metadata or buffer overflow.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Ease Audio Converter 5.30
No auth needed
Prerequisites: Python to generate the malicious file · User interaction to open the file in the target software
devstral-2 · analyzed Mar 22, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit exploit
ExploitDB-46732
https://www.exploit-db.com/exploits/46732
Product product
Official Product Homepage
http://www.audiotool.net/download.htm
Product product
Product Reference
http://www.audiotool.net/download/audioconverter.exe
Third Party Advisory third-party-advisory
VulnCheck Advisory: Ease Audio Converter 5.30 Denial of Service via Audio Cutter
https://www.vulncheck.com/advisories/ease-audio-converter-denial-of-service-via-audio-cutter

Scores

CVSS v3 6.2
EPSS 0.0013
EPSS Percentile 2.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-226
Status published
Products (1)
Audiotool/Ease Audio Converter 5.30
Published Mar 22, 2026
Tracked Since Mar 22, 2026