Vulnerability Description
Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- http://www.alloksoft.com
- http://www.alloksoft.com/joiner.htm
- https://www.exploit-db.com/exploits/44364
- https://www.vulncheck.com/advisories/alloksoft-video-joiner-buffer-overflow-via-
FAQ
What is CVE-2018-25315?
CVE-2018-25315 is a vulnerability with a CVSS score of 8.4 (HIGH). Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can ...
How severe is CVE-2018-25315?
CVE-2018-25315 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-25315?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.