Medium severity6.2NVD Advisory· Published Apr 5, 2026· Updated Apr 27, 2026

CVE-2019-25665

Description

River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to activation fields. Attackers can paste 300 bytes of data into the Email textbox and Activation code textarea via the Help menu's Activate dialog to trigger a denial of service condition.

Affected products

River Past Ringtone Converter Project/River Past Ringtone Converter
cpe:2.3:a:river_past_ringtone_converter_project:river_past_ringtone_converter:*:*:*:*:*:*:*:*
Range: <=2.7.6.1601

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46312nvdExploitVDB Entry
www.vulncheck.com/advisories/river-past-ringtone-converter-buffer-overflow-dosnvdThird Party Advisory
www.riverpast.comnvdProduct

News mentions

No linked articles in our index yet.

cvss	0.403
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000