CVE-2018-25373: DVD Photo Slideshow Professional 8.07 Buffer Overflow SEH
SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting structured exception handling (SEH). Attackers can craft a malicious text file with a carefully constructed payload containing junk bytes, an SEH chain overwrite, and shellcode, then paste the contents into the Registration Name field via Help > Register to trigger code execution.
Frequently Asked Questions
What is the severity of CVE-2018-25373?
The severity of CVE-2018-25373 is rated high with a score of 8.4.
How do I fix CVE-2018-25373?
To fix CVE-2018-25373, you should update Socusoft DVD Photo Slideshow Professional to the latest version provided by the vendor.
What is the potential impact of exploiting CVE-2018-25373?
Exploiting CVE-2018-25373 allows local attackers to execute arbitrary code on the affected system.
Who is affected by CVE-2018-25373?
Any user of Socusoft DVD Photo Slideshow Professional version 8.07 is affected by CVE-2018-25373.
What type of vulnerability is CVE-2018-25373?
CVE-2018-25373 is a stack-based buffer overflow vulnerability.