Cyber Resilience

CVE-2018-25322

HighPublic PoC

Published: 17 May 2026

Published
17 May 2026
Modified
18 May 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0015 4.4th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2018-25322 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Alloksoft (inferred from references). Its CVSS base score is 8.6 (High).

Operationally, ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed…

more

by structured shellcode and place it in the License Name field to trigger the overflow and execute code with application privileges.

CWE(s)

Related Threats

CVEs Like This One

CVE-2025-70083Shared CWE-121
CVE-2026-38422Shared CWE-121
CVE-2025-54485Shared CWE-121
CVE-2025-11783Shared CWE-121
CVE-2025-29149Shared CWE-121
CVE-2025-15273Shared CWE-121
CVE-2025-54491Shared CWE-121
CVE-2025-70656Shared CWE-121
CVE-2025-70304Shared CWE-121
CVE-2025-71023Shared CWE-121

Affected Assets

Alloksoft
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References