CVE-2018-25375

SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-121

SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

SocuSoft · iPod Photo Slideshow

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/45350unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/45350 https://www.vulncheck.com/advisories/socusoft-ipod-photo-slideshow-buffer-overflow-seh http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html