Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
WMV to AVI Converter Vulnerable to Code Execution
CVE-2019-25362
Summary
A bug in the WMV to AVI Converter software allows hackers to potentially take control of your computer. This happens when the program receives too much data at once, which can lead to unauthorized actions. Update the software to a newer version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| alloksoft | wmv_to_avi_mpeg_dvd_wmv_convertor | 4.6.1217 | – |
Original title
WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the license name and license code fields. Attacker...
Original description
WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the license name and license code fields. Attackers can craft a malicious payload of 6000 bytes to trigger a bind shell on port 4444 by exploiting a stack-based buffer overflow in the application's input handling.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-787
Out-of-bounds Write
- https://www.alloksoft.com/ Not Applicable URL Repurposed
- https://www.alloksoft.com/wmv.htm Not Applicable URL Repurposed
- https://www.exploit-db.com/exploits/47563 Exploit VDB Entry
- https://www.exploit-db.com/exploits/47568 Exploit VDB Entry
- https://www.vulncheck.com/advisories/wmv-to-avi-mpeg-dvd-wmv-convertor-buffer-ov... Third Party Advisory
Published: 18 Feb 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026