WinMPG Video Convert Buffer Overflow Vulnerability Leading to Denial-of-Service
Vulnerability
A buffer overflow vulnerability has been identified in WinMPG Video Convert versions through 9.3.5. This vulnerability resides in the registration dialog, where local attackers can cause the application to crash by entering excessively large input. Specifically, a payload of 6000 bytes can be pasted into the Name and Registration Code fields, triggering a denial-of-service condition.
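An added example, not code from WinMPG or from this advisory: the kind of length check a registration handler needs so that oversized Name and Registration Code input is rejected before any copy takes place. The page does not describe the application's internals, so the 64-byte field limits and every function and type name here are assumptions.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed sizes: the page does not state the real buffer lengths. */
#define NAME_MAX_LEN 64
#define CODE_MAX_LEN 64
enum reg_status { REG_OK = 0, REG_ERR_NULL, REG_ERR_EMPTY, REG_ERR_TOO_LONG };

struct reg_form {
    char name[NAME_MAX_LEN + 1];
    char code[CODE_MAX_LEN + 1];
};

/* Unsafe pattern, for contrast only and never called: input sets the copy length. */
void reg_set_name_unsafe(struct reg_form *f, const char *name)
{
    strcpy(f->name, name); /* a 6000-byte input writes far past f->name */
}

/* Length of s if it terminates within max bytes, else max + 1. */
static size_t bounded_len(const char *s, size_t max)
{
    const char *nul = memchr(s, '\0', max + 1);
    return nul ? (size_t)(nul - s) : max + 1;
}

/* Validate both fields first, then copy; the form is untouched on error. */
enum reg_status reg_set_fields(struct reg_form *f, const char *name, const char *code)
{
    if (!f || !name || !code) return REG_ERR_NULL;
    size_t nlen = bounded_len(name, NAME_MAX_LEN);
    size_t clen = bounded_len(code, CODE_MAX_LEN);
    if (nlen > NAME_MAX_LEN || clen > CODE_MAX_LEN) return REG_ERR_TOO_LONG;
    if (nlen == 0 || clen == 0) return REG_ERR_EMPTY;
    memcpy(f->name, name, nlen + 1); /* +1 copies the terminator */
    memcpy(f->code, code, clen + 1);
    return REG_OK;
}

/* Constructed input: n filler bytes submitted in both fields. */
enum reg_status reg_try_filler(struct reg_form *f, size_t n)
{
    char *buf = malloc(n + 1);
    if (!buf) return REG_ERR_NULL;
    memset(buf, 'A', n);
    buf[n] = '\0';
    enum reg_status st = reg_set_fields(f, buf, buf);
    free(buf);
    return st;
}
```

Rejecting the input outright, rather than silently truncating it, keeps a malformed registration from being stored and gives the dialog a clear error to show.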
Impact
Exploitation of this vulnerability causes a denial-of-service condition by crashing the application.
Reproduction
To reproduce this vulnerability, first create a text file named 'Evil.txt' containing 6000 bytes of arbitrary data. Then, open WinMPG Video Convert and click the 'ALL-AVI' button. In the new window, click 'Register' and paste the contents of 'Evil.txt' into the 'Name' and 'Registration Code' fields. After clicking 'Register', the application will crash.
