CVE-2018-25377
HighSummary
Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling.
Risk Assessment
Attackers can craft a malicious payload and paste it into the Name and Code fields of the Help > Register dialog, potentially leading to a reverse shell with system privileges.
Recommendation
It is recommended to update the software to the latest version to mitigate this vulnerability and restrict access to the registration function for unauthorized users.
Original NVD description (English source)
Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the Help > Register dialog to trigger a reverse shell with system privileges.

