CVE-2019-25565

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.magiciso.com	Broken Link
http://www.magiciso.com/Setup_MagicISO.exe	Broken Link
https://www.exploit-db.com/exploits/46656	Exploit VDB Entry
https://www.vulncheck.com/advisories/magic-iso-maker-buffer-overflow-denial-of-service	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:magiciso:magic_iso_maker:5.5:build281:*:*:*:*:*:*

History

16 Apr 2026, 18:10

Type	Values Removed	Values Added
First Time		Magiciso Magiciso magic Iso Maker
Summary		(es) Magic Iso Maker 5.5 build 281 contiene una vulnerabilidad de desbordamiento de búfer en el campo de registro Serial Code que permite a atacantes locales bloquear la aplicación al enviar una entrada sobredimensionada. Los atacantes pueden generar un archivo que contenga 5000 bytes de datos, pegarlo en el campo Serial Code durante el registro y desencadenar una condición de denegación de servicio que bloquea la aplicación.
CPE		cpe:2.3:a:magiciso:magic_iso_maker:5.5:build281::::::
References	~~() http://www.magiciso.com -~~	() http://www.magiciso.com - Broken Link
References	~~() http://www.magiciso.com/Setup_MagicISO.exe -~~	() http://www.magiciso.com/Setup_MagicISO.exe - Broken Link
References	~~() https://www.exploit-db.com/exploits/46656 -~~	() https://www.exploit-db.com/exploits/46656 - Exploit, VDB Entry
References	~~() https://www.vulncheck.com/advisories/magic-iso-maker-buffer-overflow-denial-of-service -~~	() https://www.vulncheck.com/advisories/magic-iso-maker-buffer-overflow-denial-of-service - Third Party Advisory

21 Mar 2026, 13:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-21 13:16

Updated : 2026-04-16 18:10

NVD link : CVE-2019-25565

Mitre link : CVE-2019-25565

CVE.ORG link : CVE-2019-25565

JSON object : View

Products Affected

magiciso

magic_iso_maker

CWE

CWE-787

Out-of-bounds Write

6.2 /10