← back
CVE-2018-25355

Audiograbber 1.83 Local Buffer Overflow via SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-120
Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers and executing injected shellcode with application privileges.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Audiograbber · Audiograbber
public PoCs found1
cve_referencewww.exploit-db.com/exploits/44903unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.audiograbber.org/https://www.exploit-db.com/exploits/44903https://www.vulncheck.com/advisories/audiograbber-local-buffer-overflow-via-seh