CVE-2018-25302
Published: 29 April 2026
Summary
CVE-2018-25302 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Alloksoft (inferred from references). Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 5.2th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and SI-16 (Memory Protection).
Deeper analysis
CVE-2018-25302 is a structured exception handling (SEH) based buffer overflow vulnerability in Allok AVI to DVD SVCD VCD Converter version 4.0.1217. The flaw occurs when a malicious string is supplied in the License Name field, leading to arbitrary code execution. It is classified under CWE-120 (Buffer Copy without Checking Size of Input) with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
Local attackers can exploit this vulnerability by crafting a payload consisting of junk data, an NSEH bypass, an SEH handler address, and shellcode. The overflow is triggered by pasting the payload into the License Name field and clicking the Register button, resulting in code execution under the context of the application.
The exploit and the vulnerability are detailed in an Exploit-DB entry at https://www.exploit-db.com/exploits/44549 and a VulnCheck advisory at https://www.vulncheck.com/advisories/allok-avi-to-dvd-svcd-vcd-converter-buffer-overflow-seh. The vendor site at http://www.alloksoft.com/ is referenced, but no patches or specific mitigations are described in the available information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21823
Vulnerability details
Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with junk data, NSEH bypass, SEH handler address, and shellcode that triggers the overflow when pasted into the License Name field and the Register button is clicked, resulting in code execution.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A local SEH buffer overflow in a client application directly enables arbitrary code execution via crafted malicious input (T1203 Exploitation for Client Execution).
Mitigating Controls (NIST 800-53 r5)
Requires identification, prioritization, and correction of system flaws, directly mitigating this known SEH-based buffer overflow by patching or removing the vulnerable Allok converter.
Implements memory safeguards such as DEP and ASLR that prevent arbitrary code execution from SEH handler overwrites in buffer overflow exploits.
Prohibits use of unsupported system components like this outdated Allok AVI to DVD SVCD VCD Converter version 4.0.1217, preventing installation of vulnerable software.