CVE-2018-25260 HIGH

CVE-2018-25260: MAGIX Music Editor 3.1 Buffer Overflow via SEH

Vendor Magix
Product MAGIX Music Editor
Weakness CWE-787
Published April 22, 2026
Last update May 14, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted.

Key dates

02Disclosure timeline

April 22, 2026 CVE published
May 14, 2026 Record updated