CVE-2018-25301 HIGH

CVE-2018-25301: Easy MPEG to DVD Burner 1.7.11 SEH Local Buffer Overflow

Vendor Easy Mpeg
Product Easy MPEG to DVD Burner
Weakness CWE-120
Published April 29, 2026
Last update May 4, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode that overwrites the SEH handler to redirect execution and run arbitrary commands like opening calc.exe.

Key dates

02Disclosure timeline

April 29, 2026 CVE published
May 4, 2026 Record updated