← volver
CVE-2018-25375

SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-121
Vexday Risk Score
41Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
CVSS 8.6EPSS 0.2%KEV nãoPoC públicaNuclei Metasploit Patch
Ciclo de vida
25 may 2026Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.