anonhaven
Ad

CVE-2019-25556

MEDIUM CVSS 4.0: 6.9 EPSS 0.02%
Updated Mar 24, 2026
Pixarra
Parameter Value
CVSS 6.9 (MEDIUM)
Type CWE-787 (Out-of-bounds Write)
Vendor Pixarra
Public PoC Yes

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a malicious string into the New Width or New Height field to trigger a buffer overflow that causes the application to crash.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Pixarra Twistedbrush_Pro_Studio
cpe:2.3:a:pixarra:twistedbrush_pro_studio:24.06:*:*:*:*:*:*:*

References 3

http://www.pixarra.com
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/46843
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/twistedbrush-pro-studio-resize-image-denia…
disclosure@vulncheck.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2019-25625

Blob

6.9

CVE-2019-25624

Liquid

6.9

CVE-2019-25623

Luminance

6.9

CVE-2019-25622

Paint

6.9

CVE-2019-25621

Pixel

6.9