CVE-2019-25555

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of the Script Recorder dialog to trigger an application crash.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.pixarra.com	Product
https://www.exploit-db.com/exploits/46844	Exploit Third Party Advisory VDB Entry
https://www.vulncheck.com/advisories/twistedbrush-pro-studio-script-recorder-denial-of-service	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:pixarra:twistedbrush_pro_studio:24.06:*:*:*:*:*:*:*

History

24 Mar 2026, 16:34

Type	Values Removed	Values Added
First Time		Pixarra twistedbrush Pro Studio Pixarra
CPE		cpe:2.3:a:pixarra:twistedbrush_pro_studio:24.06:::::::*
Summary		(es) TwistedBrush Pro Studio 24.06 contiene una vulnerabilidad de denegación de servicio en el componente Script Recorder que permite a atacantes locales bloquear la aplicación al proporcionar un búfer excesivamente grande. Los atacantes pueden pegar una cadena maliciosa que contiene 500.000 caracteres en el campo Descripción del diálogo Script Recorder para provocar un bloqueo de la aplicación.
References	~~() http://www.pixarra.com -~~	() http://www.pixarra.com - Product
References	~~() https://www.exploit-db.com/exploits/46844 -~~	() https://www.exploit-db.com/exploits/46844 - Exploit, Third Party Advisory, VDB Entry
References	~~() https://www.vulncheck.com/advisories/twistedbrush-pro-studio-script-recorder-denial-of-service -~~	() https://www.vulncheck.com/advisories/twistedbrush-pro-studio-script-recorder-denial-of-service - Third Party Advisory

21 Mar 2026, 13:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-21 13:16

Updated : 2026-03-24 16:34

NVD link : CVE-2019-25555

Mitre link : CVE-2019-25555

CVE.ORG link : CVE-2019-25555

JSON object : View

Products Affected

pixarra

twistedbrush_pro_studio

CWE

CWE-131

Incorrect Calculation of Buffer Size

{"id": "CVE-2019-25555", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-21T13:16:18.050", "references": [{"url": "http://www.pixarra.com", "tags": ["Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/46844", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/twistedbrush-pro-studio-script-recorder-denial-of-service", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-131"}]}], "descriptions": [{"lang": "en", "value": "TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of the Script Recorder dialog to trigger an application crash."}, {"lang": "es", "value": "TwistedBrush Pro Studio 24.06 contiene una vulnerabilidad de denegaci\u00f3n de servicio en el componente Script Recorder que permite a atacantes locales bloquear la aplicaci\u00f3n al proporcionar un b\u00fafer excesivamente grande. Los atacantes pueden pegar una cadena maliciosa que contiene 500.000 caracteres en el campo Descripci\u00f3n del di\u00e1logo Script Recorder para provocar un bloqueo de la aplicaci\u00f3n."}], "lastModified": "2026-03-24T16:34:57.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pixarra:twistedbrush_pro_studio:24.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F62FE325-85CB-4E52-AE3C-34BADEBC03FE"}], "operator": "OR"}]}], "sourceIdentifier": "disclosure@vulncheck.com"}