CVE-2019-25318

High CVSS: 8.4

AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button is clicked.

Vendor

Product

CWE

CWE-121

Yayın Tarihi

2026-02-12 23:16:02

Güncelleme

2026-02-13 14:23:48

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-121 HIGH 2026

Referanslar

http://www.avs4you.com/ https://www.exploit-db.com/exploits/47788 https://www.exploit-db.com/exploits/47810 https://www.vulncheck.com/advisories/avs-audio-converter-stack-overflow