CVE-2018-25376

Socusoft 3GP Photo Slideshow 8.05 Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-120

Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft malicious input in the Registration Name and Registration Key fields to overwrite the SEH chain and execute shellcode for reverse shell access.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

SocuSoft · 3GP Photo Slideshow

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/45352unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/45352 https://www.vulncheck.com/advisories/socusoft-3gp-photo-slideshow-buffer-overflow-seh http://www.dvd-photo-slideshow.com/3gp-photo-slideshow.html