Primary

Context

Tomabo MP4 Converter Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Tomabo MP4 Converter version 3.25.22. This vulnerability allows local attackers to crash the application by entering an excessively long string in the Name field. The issue arises when a large payload is pasted into the Name parameter while adding a preset in the Video/Audio Formats options. The application crashes upon clicking 'Reset All', indicating a buffer overflow has occurred.

Impact

Exploitation of this vulnerability leads to a buffer overflow, causing the application to crash.

Reproduction

To reproduce this vulnerability, first run a Python script that generates a text file containing a long string of characters. Copy the text from this file to the clipboard. Then, open Tomabo MP4 Converter and navigate to 'Options' > 'Video/Audio Formats'. Click 'Add Preset' and paste the clipboard content into the 'Name' field. After clicking 'OK', press 'Reset All' to trigger the application crash.

Added: Mar 21, 2026, 1:25 PM

Updated: Mar 21, 2026, 1:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

4.7

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

4.7

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tomabo MP4 Converter Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating