CVE-2018-25375
8.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SocuSoft | iPod Photo Slideshow | 8.05 | affected |
Weaknesses
- CWE-121: Stack-based Buffer Overflow
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
- https://www.exploit-db.com/exploits/45350
- http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html
- https://www.vulncheck.com/advisories/socusoft-ipod-photo-slideshow-buffer-overflow-seh
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.