Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.7
SpotAuditor 5.3.1.0 can be crashed by excessive registration name entries
CVE-2019-25434
Summary
An attacker can cause SpotAuditor to crash by entering a very long name during registration. This can happen without needing a password or login. To protect your system, update to a fixed version of SpotAuditor.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| nsasoft | spotauditor | <= 5.3.1.0 | – |
Original title
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers ...
Original description
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application.
nvd CVSS3.1
7.5
nvd CVSS4.0
6.7
Vulnerability type
CWE-121
Stack-based Buffer Overflow
- http://www.nsauditor.com Product
- https://www.exploit-db.com/exploits/47494 Exploit VDB Entry
- https://www.vulncheck.com/advisories/spotauditor-denial-of-service-via-registrat... Third Party Advisory
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026