CVE-2018-25314

HIGH SEVERITY

CVSS Score & Metrics

Base Score

8.4 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious input containing shellcode with structured exception handler (SEH) overwrite to bypass protections and execute code with application privileges.

Vulnerability Details

Published Date

April 29, 2026

Last Modified

April 29, 2026

CWE ID

CWE-120

Source

NVD

Vendor

Alloksoft

Product

WMV to AVI MPEG DVD WMV Converter

External References

http://www.alloksoft.com
http://www.alloksoft.com/wmv.htm
https://www.exploit-db.com/exploits/44365
https://www.vulncheck.com/advisories/allok-soft-wmv-to-avi-mpeg-dvd-wmv-converter-buffer-overflow

CVE-2018-25314

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment