CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2018-17937 (GCVE-0-2018-17937)
Vulnerability from cvelistv5 – Published: 2019-03-13 17:00 – Updated: 2024-09-16 19:36
VLAI
Summary
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.
Severity
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/107029 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2019… | mailing-listx_refsource_MLIST |
| https://security.gentoo.org/glsa/202009-17 | vendor-advisoryx_refsource_GENTOO |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ICS-CERT | gpsd and microjson (Open Source Project) |
Affected:
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3
|
Date Public
2019-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:01:14.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107029"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01"
},
{
"name": "[debian-lts-announce] 20190330 [SECURITY] [DLA 1738-1] gpsd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00040.html"
},
{
"name": "GLSA-202009-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202009-17"
},
{
"name": "[debian-lts-announce] 20211029 [SECURITY] [DLA 2795-1] gpsd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gpsd and microjson (Open Source Project)",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3"
}
]
}
],
"datePublic": "2019-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-29T09:06:09.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "107029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107029"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01"
},
{
"name": "[debian-lts-announce] 20190330 [SECURITY] [DLA 1738-1] gpsd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00040.html"
},
{
"name": "GLSA-202009-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202009-17"
},
{
"name": "[debian-lts-announce] 20211029 [SECURITY] [DLA 2795-1] gpsd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00024.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2019-02-14T00:00:00",
"ID": "CVE-2018-17937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gpsd and microjson (Open Source Project)",
"version": {
"version_data": [
{
"version_value": "gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107029"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01"
},
{
"name": "[debian-lts-announce] 20190330 [SECURITY] [DLA 1738-1] gpsd security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00040.html"
},
{
"name": "GLSA-202009-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202009-17"
},
{
"name": "[debian-lts-announce] 20211029 [SECURITY] [DLA 2795-1] gpsd security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00024.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-17937",
"datePublished": "2019-03-13T17:00:00.000Z",
"dateReserved": "2018-10-02T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:36:34.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18993 (GCVE-0-2018-18993)
Vulnerability from cvelistv5 – Published: 2018-12-04 22:00 – Updated: 2024-08-05 11:23
VLAI
Summary
Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.
Severity
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01 | x_refsource_MISC |
| http://www.securityfocus.com/bid/106106 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | CX-One (CX-Programmer and CX-Server) |
Affected:
CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)
|
Date Public
2018-12-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
},
{
"name": "106106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CX-One (CX-Programmer and CX-Server)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)"
}
]
}
],
"datePublic": "2018-12-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
},
{
"name": "106106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106106"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-18993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CX-One (CX-Programmer and CX-Server)",
"version": {
"version_data": [
{
"version_value": "CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
},
{
"name": "106106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106106"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-18993",
"datePublished": "2018-12-04T22:00:00.000Z",
"dateReserved": "2018-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:23:08.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20247 (GCVE-0-2018-20247)
Vulnerability from cvelistv5 – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
VLAI
Summary
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow.
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow (3.1)
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/106306 | vdb-entryx_refsource_BID |
| https://www.foxitsoftware.com/support/security-bu… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Foxit Quick PDF Library |
Affected:
All versions prior to 16.12
|
Date Public
2018-12-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:18.710Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106306",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106306"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Foxit Quick PDF Library",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 16.12"
}
]
}
],
"datePublic": "2018-12-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow (3.1)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-26T10:57:02.000Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"name": "106306",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106306"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"ID": "CVE-2018-20247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Foxit Quick PDF Library",
"version": {
"version_data": [
{
"version_value": "All versions prior to 16.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow (3.1)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106306"
},
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2018-20247",
"datePublished": "2018-12-24T19:00:00.000Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:58:18.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20655 (GCVE-0-2018-20655)
Vulnerability from cvelistv5 – Published: 2019-06-14 17:02 – Updated: 2024-08-05 12:05
VLAI
Summary
When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24.
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.facebook.com/security/advisories/cve-… | x_refsource_MISC |
| http://www.securityfocus.com/bid/108805 | vdb-entryx_refsource_BID |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| WhatsApp for iOS |
Affected:
2.18.90.24
Affected: unspecified , < 2.18.90.24 (custom) |
||
| WhatsApp Business for iOS |
Affected:
2.18.90.24
Affected: unspecified , < 2.18.90.24 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:05:17.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.facebook.com/security/advisories/cve-2018-20655/"
},
{
"name": "108805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WhatsApp for iOS",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "2.18.90.24"
},
{
"lessThan": "2.18.90.24",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "WhatsApp Business for iOS",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "2.18.90.24"
},
{
"lessThan": "2.18.90.24",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-12-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-18T17:06:04.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.facebook.com/security/advisories/cve-2018-20655/"
},
{
"name": "108805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2018-12-30",
"ID": "CVE-2018-20655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WhatsApp for iOS",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "2.18.90.24"
},
{
"version_affected": "\u003c",
"version_value": "2.18.90.24"
}
]
}
},
{
"product_name": "WhatsApp Business for iOS",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "2.18.90.24"
},
{
"version_affected": "\u003c",
"version_value": "2.18.90.24"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.facebook.com/security/advisories/cve-2018-20655/",
"refsource": "MISC",
"url": "https://www.facebook.com/security/advisories/cve-2018-20655/"
},
{
"name": "108805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2018-20655",
"datePublished": "2019-06-14T17:02:57.000Z",
"dateReserved": "2019-01-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:05:17.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25303 (GCVE-0-2018-25303)
Vulnerability from cvelistv5 – Published: 2026-04-29 19:24 – Updated: 2026-04-30 13:07
VLAI
Title
Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH
Summary
Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input string with 780 bytes of junk data followed by SEH chain pointers and shellcode, then paste it into the License Name field during registration to achieve code execution.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/44518 | exploit |
| http://www.alloksoft.com/ | product |
| https://www.vulncheck.com/advisories/allok-video-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Alloksoft | Allok Video to DVD Burner |
Affected:
2.6.1217
|
Date Public
2018-04-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25303",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-30T13:07:05.414322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T13:07:13.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Allok Video to DVD Burner",
"vendor": "Alloksoft",
"versions": [
{
"status": "affected",
"version": "2.6.1217"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T3jv1l"
}
],
"datePublic": "2018-04-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input string with 780 bytes of junk data followed by SEH chain pointers and shellcode, then paste it into the License Name field during registration to achieve code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T19:24:35.902Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-44518",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/44518"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.alloksoft.com/"
},
{
"name": "VulnCheck Advisory: Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/allok-video-to-dvd-burner-buffer-overflow-seh"
}
],
"title": "Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25303",
"datePublished": "2026-04-29T19:24:35.902Z",
"dateReserved": "2026-04-29T12:07:42.797Z",
"dateUpdated": "2026-04-30T13:07:13.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25322 (GCVE-0-2018-25322)
Vulnerability from cvelistv5 – Published: 2026-05-17 12:11 – Updated: 2026-05-18 12:31
VLAI
Title
Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow
Summary
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the License Name field to trigger the overflow and execute code with application privileges.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/44341 | exploit |
| http://www.alloksoft.com | product |
| http://www.alloksoft.com/allok_vconverter.exe | product |
| https://www.vulncheck.com/advisories/allok-fast-a… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| alloksoft | Fast AVI MPEG Splitter |
Affected:
1.2
|
Date Public
2018-03-06 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25322",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-18T12:31:50.215551Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-18T12:31:55.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fast AVI MPEG Splitter",
"vendor": "alloksoft",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mohan Ravichandran \u0026 Velayutham Selvaraj"
}
],
"datePublic": "2018-03-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the License Name field to trigger the overflow and execute code with application privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-17T12:11:28.960Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-44341",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/44341"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.alloksoft.com"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "http://www.alloksoft.com/allok_vconverter.exe"
},
{
"name": "VulnCheck Advisory: Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/allok-fast-avi-mpeg-splitter-stack-based-buffer-overflow"
}
],
"title": "Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25322",
"datePublished": "2026-05-17T12:11:28.960Z",
"dateReserved": "2026-05-17T11:37:38.641Z",
"dateUpdated": "2026-05-18T12:31:55.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25344 (GCVE-0-2018-25344)
Vulnerability from cvelistv5 – Published: 2026-05-23 18:30 – Updated: 2026-05-26 13:27
VLAI
Title
10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH
Summary
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/44840 | exploit |
| https://www.10-strike.com/ | product |
| https://www.vulncheck.com/advisories/10-strike-ne… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| 10-Strike | Network Inventory Explorer |
Affected:
8.54
|
Date Public
2018-06-05 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25344",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T13:27:27.398652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T13:27:33.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Network Inventory Explorer",
"vendor": "10-Strike",
"versions": [
{
"status": "affected",
"version": "8.54"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:10-strike:network_inventory_explorer:8.54:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:10-strike:network_inventory_explorer:9.31:*:*:*:pro:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:10-strike:network_inventory_explorer:9.3:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:10-strike:network_inventory_explorer:-:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hashim Jawad - ihack4falafelx"
}
],
"datePublic": "2018-06-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T18:30:46.677Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-44840",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/44840"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.10-strike.com/"
},
{
"name": "VulnCheck Advisory: 10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/10-strike-network-inventory-explorer-buffer-overflow-seh"
}
],
"title": "10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25344",
"datePublished": "2026-05-23T18:30:46.677Z",
"dateReserved": "2026-05-23T14:45:41.616Z",
"dateUpdated": "2026-05-26T13:27:33.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25360 (GCVE-0-2018-25360)
Vulnerability from cvelistv5 – Published: 2026-05-25 14:15 – Updated: 2026-05-26 18:42
VLAI
Title
AgataSoft Auto PingMaster 1.5 Buffer Overflow SEH
Summary
AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructions that overwrite the SEH handler pointer to achieve code execution when the file contents are pasted into the application.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/45151 | exploit |
| http://agatasoft.com/ | product |
| https://www.vulncheck.com/advisories/agatasoft-au… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agatasoft | Auto PingMaster |
Affected:
1.5
|
Date Public
2018-08-03 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25360",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:41:35.936992Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:42:40.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Auto PingMaster",
"vendor": "Agatasoft",
"versions": [
{
"status": "affected",
"version": "1.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "bzyo"
}
],
"datePublic": "2018-08-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructions that overwrite the SEH handler pointer to achieve code execution when the file contents are pasted into the application."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T14:15:07.967Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45151",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45151"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://agatasoft.com/"
},
{
"name": "VulnCheck Advisory: AgataSoft Auto PingMaster 1.5 Buffer Overflow SEH",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/agatasoft-auto-pingmaster-buffer-overflow-seh"
}
],
"title": "AgataSoft Auto PingMaster 1.5 Buffer Overflow SEH",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25360",
"datePublished": "2026-05-25T14:15:07.967Z",
"dateReserved": "2026-05-24T13:20:31.155Z",
"dateUpdated": "2026-05-26T18:42:40.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25373 (GCVE-0-2018-25373)
Vulnerability from cvelistv5 – Published: 2026-05-25 14:15 – Updated: 2026-05-27 16:09
VLAI
Title
DVD Photo Slideshow Professional 8.07 Buffer Overflow SEH
Summary
SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious text file with carefully constructed payload containing junk bytes, SEH chain overwrite, and shellcode, then paste the contents into the Registration Name field via Help > Register to trigger code execution.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/45346 | exploit |
| http://www.dvd-photo-slideshow.com/ | product |
| https://www.vulncheck.com/advisories/dvd-photo-sl… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SocuSoft | DVD Photo Slideshow Professional |
Affected:
8.07
|
Date Public
2018-09-06 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25373",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T16:03:00.434784Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T16:09:27.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DVD Photo Slideshow Professional",
"vendor": "SocuSoft",
"versions": [
{
"status": "affected",
"version": "8.07"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T3jv1l"
}
],
"datePublic": "2018-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious text file with carefully constructed payload containing junk bytes, SEH chain overwrite, and shellcode, then paste the contents into the Registration Name field via Help \u003e Register to trigger code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T14:15:17.927Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45346",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45346"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.dvd-photo-slideshow.com/"
},
{
"name": "VulnCheck Advisory: DVD Photo Slideshow Professional 8.07 Buffer Overflow SEH",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/dvd-photo-slideshow-professional-buffer-overflow-seh"
}
],
"title": "DVD Photo Slideshow Professional 8.07 Buffer Overflow SEH",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25373",
"datePublished": "2026-05-25T14:15:17.927Z",
"dateReserved": "2026-05-25T13:49:00.908Z",
"dateUpdated": "2026-05-27T16:09:27.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25375 (GCVE-0-2018-25375)
Vulnerability from cvelistv5 – Published: 2026-05-25 14:15 – Updated: 2026-05-26 12:48
VLAI
Title
SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH
Summary
SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/45350 | exploit |
| http://www.dvd-photo-slideshow.com/ipod-photo-sli… | product |
| https://www.vulncheck.com/advisories/socusoft-ipo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SocuSoft | iPod Photo Slideshow |
Affected:
8.05
|
Date Public
2018-09-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25375",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T12:48:03.190226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T12:48:20.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iPod Photo Slideshow",
"vendor": "SocuSoft",
"versions": [
{
"status": "affected",
"version": "8.05"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Shubham Singh"
}
],
"datePublic": "2018-09-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T14:15:19.284Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45350",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45350"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html"
},
{
"name": "VulnCheck Advisory: SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/socusoft-ipod-photo-slideshow-buffer-overflow-seh"
}
],
"title": "SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25375",
"datePublished": "2026-05-25T14:15:19.284Z",
"dateReserved": "2026-05-25T13:51:14.423Z",
"dateUpdated": "2026-05-26T12:48:20.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-10
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
- D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Phase: Architecture and Design
Description:
- Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Phase: Implementation
Description:
- Implement and perform bounds checking on input.
Mitigation
Phase: Implementation
Description:
- Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.
Mitigation ID: MIT-11
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
- Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
- For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
No CAPEC attack patterns related to this CWE.