CVE-2018-25375

SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-121

SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Productos afectados

SocuSoft · iPod Photo Slideshow

PoCs públicas encontradas — 1

cve_referencewww.exploit-db.com/exploits/45350no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.exploit-db.com/exploits/45350 https://www.vulncheck.com/advisories/socusoft-ipod-photo-slideshow-buffer-overflow-seh http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html