{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25616", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-22T13:30:21.618Z", "datePublished": "2026-03-22T13:38:48.389Z", "dateUpdated": "2026-03-23T15:53:43.712Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:48.389Z"}, "datePublic": "2019-04-25T00:00:00.000Z", "title": "AnMing MP3 CD Burner 2.0 Local Denial of Service", "descriptions": [{"lang": "en", "value": "AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "affected": [{"vendor": "Ddz1977", "product": "AnMing MP3 CD Burner", "versions": [{"version": "2.0", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46754", "name": "ExploitDB-46754", "tags": ["exploit"]}, {"url": "http://www.ddz1977.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://files.downloadnow.com/s/software/10/56/16/74/anming_setup.zip?token=1556228877_063f2dc0aed064ee5d13374d8509661c&fileName=anming_setup.zip", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: AnMing MP3 CD Burner 2.0 Local Denial of Service", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/anming-mp3-cd-burner-local-denial-of-service"}], "credits": [{"lang": "en", "value": "Achilles", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T15:46:42.518906Z", "id": "CVE-2019-25616", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T15:53:43.712Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "AnMing MP3 CD Burner 2.0 Local Denial of Service", "credits": [{"lang": "en", "type": "finder", "value": "Achilles"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Ddz1977", "product": "AnMing MP3 CD Burner", "versions": [{"status": "affected", "version": "2.0"}]}], "datePublic": "2019-04-25T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46754", "name": "ExploitDB-46754", "tags": ["exploit"]}, {"url": "http://www.ddz1977.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://files.downloadnow.com/s/software/10/56/16/74/anming_setup.zip?token=1556228877_063f2dc0aed064ee5d13374d8509661c&fileName=anming_setup.zip", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/anming-mp3-cd-burner-local-denial-of-service", "name": "VulnCheck Advisory: AnMing MP3 CD Burner 2.0 Local Denial of Service", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:48.389Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25616", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T15:46:42.518906Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-23T15:53:37.288Z"}}]}, "cveMetadata": {"cveId": "CVE-2019-25616", "state": "PUBLISHED", "dateUpdated": "2026-03-22T13:38:48.389Z", "dateReserved": "2026-03-22T13:30:21.618Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-22T13:38:48.389Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition."}, {"lang": "es", "value": "AnMing MP3 CD Burner 2.0 contiene una vulnerabilidad de desbordamiento de b\u00fafer que permite a atacantes locales bloquear la aplicaci\u00f3n al proporcionar una cadena de tama\u00f1o excesivo. Los atacantes pueden pegar una carga \u00fatil de 6000 bytes en el campo de nombre de registro para desencadenar una condici\u00f3n de denegaci\u00f3n de servicio."}], "id": "CVE-2019-25616", "lastModified": "2026-04-16T16:19:50.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-22T14:16:30.307", "references": [{"source": "disclosure@vulncheck.com", "url": "http://www.ddz1977.com/"}, {"source": "disclosure@vulncheck.com", "url": "https://files.downloadnow.com/s/software/10/56/16/74/anming_setup.zip?token=1556228877_063f2dc0aed064ee5d13374d8509661c&fileName=anming_setup.zip"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46754"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/anming-mp3-cd-burner-local-denial-of-service"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "AnMing MP3 CD Burner", "source": "cna", "vendor": "Ddz1977"}, "product": "anming_mp3_cd_burner", "vendor": "ddz1977"}], "analysis": {"en": {"generated_at": "2026-03-22T14:36:12.994899+00:00", "value": {"mitigation_remediation": ["Apply the latest available update to AnMing MP3 CD Burner if a patch has been released.", "If no patch is available, consider uninstalling the program or disabling the registration name entry to mitigate the risk.", "Monitor application usage and system logs for repeated crashes that may indicate attempts to exploit this vulnerability.", "Regularly check the vendor\u2019s website or support forums for new advisories or unofficial fixes."], "summary": {"action": "Update Software", "impact": "Denial of Service (Local)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the AnMing MP3 CD Burner 2.0 application distributed by Ddz1977. No specific patched version is listed, so all installations of version 2.0 remain vulnerable.", "description_and_impact": "AnMing MP3 CD Burner 2.0 contains a buffer overflow in the registration name field that allows a local user to provide an oversized string and crash the program. The attacker supplies a 6000-byte payload causing the application to terminate, resulting in a denial of service for any user of the software. This weakness is classified as CWE-434, an unrestricted input to a resource handling function. The impact is limited to the local system where the software runs, but repeated crashes can prevent the use of the burner and reduce availability.", "risk_and_exploitability": "The CVSS score for this flaw is 6.9, indicating medium severity. Exploit probability data is not available and it is not listed in the CISA KEV catalog. The attack vector is local: the attacker must have access to the machine to supply the malicious input. Because the flaw results only in a program crash, no privileged escalation or data compromise is reported, but it can cause service disruption for the user."}}}}, "created": "2026-03-23T09:46:05.257315+00:00", "updated": "2026-03-25T14:50:42.311514+00:00", "vendors": ["ddz1977", "ddz1977$PRODUCT$anming_mp3_cd_burner"]}