CVE-2019-25606

low-risk

Published 2026-03-22

Fast AVI MPEG Joiner 1.2.0812 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the License Name field. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the License Name input field to trigger a denial of service condition when the Register button is clicked.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

References (4)

http://www.alloksoft.com

http://www.alloksoft.com/fast_avimpegjoiner.exe

https://www.exploit-db.com/exploits/46929

https://www.vulncheck.com/advisories/fast-avi-mpeg-joiner-buffer-overflow-denial...

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal