CVE-2019-25623

Summary

Luminance Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can create a text file with arbitrary character sequences and trigger the application to process the input, causing the application to become unresponsive or terminate abnormally.

Affected Software

VendorProductVersion RangeStatus
PixarraLuminance Studio2.17affected

Weaknesses

  • CWE-641: Improper Restriction of Names for Files and Other Resources

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References