CVE-2019-25620 - Vulnerability Analysis

Overview

Tree Studio 2.17 contains a denial of service vulnerability caused by malformed input through the keyboard interface, letting local attackers crash the application, exploit requires local access to input arbitrary characters.

Severity & Score

Impact

Local attackers can crash the application, causing denial of service and loss of availability.

Mitigation

Update to the latest version.

References

• https://www.exploit-db.com/exploits/46125
• https://www.vulncheck.com/advisories/tree-studio-denial-of-service-via-malformed-input
• http://www.pixarra.com/
• http://www.pixarra.com/uploads/9/4/6/3/94635436/tbtreestudio_install.exe

Related Resources

• Vulnerability Intelligence Dashboard
• Credential Scanner