CVE Catalog

CVE-2018-25376

High
Published: Translated: NVD NIST

Summary

Socusoft 3GP Photo Slideshow version 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling.

Risk Assessment

Attackers can craft malicious input in the Registration Name and Registration Key fields to overwrite the SEH chain and gain reverse shell access.

Recommendation

It is recommended to update the software to the latest version to mitigate this vulnerability and to monitor systems for potential attack attempts.

Original NVD description (English source)

Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft malicious input in the Registration Name and Registration Key fields to overwrite the SEH chain and execute shellcode for reverse shell access.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS