CVE-2019-25595

MEDIUM 6.2

jetAudio 8.1.7.20702 Basic Denial of Service via URL Handler

CVSS Score

6.2

EPSS Score

0.0%

EPSS Percentile

2th

jetAudio 8.1.7.20702 Basic contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string through the URL input handler. Attackers can trigger the crash by pasting a buffer of 5000 characters into the Open URL dialog, causing the application to terminate abnormally.

CWE	CWE-469
Vendor	jetaudio
Product	jetaudio
Published	Mar 22, 2026
Last Updated	Mar 23, 2026

Stay Ahead of the Next One

Get instant alerts for jetaudio jetaudio

Be the first to know when new medium vulnerabilities affecting jetaudio jetaudio are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected Versions

Jetaudio / jetAudio

8.1.7.20702

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/46810 jetaudio.com: http://www.jetaudio.com/ jetaudio.com: http://www.jetaudio.com/download/ vulncheck.com: https://www.vulncheck.com/advisories/jetaudio-basic-denial-of-service-via-url-handler

Credits

Victor Mondragón