CVE-2018-25303 HIGH

CVE-2018-25303: Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH

Vendor Alloksoft
Product Allok Video to DVD Burner
Weakness CWE-121
Published April 29, 2026
Last update April 30, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input string with 780 bytes of junk data followed by SEH chain pointers and shellcode, then paste it into the License Name field during registration to achieve code execution.

Key dates

02Disclosure timeline

April 29, 2026 CVE published
April 30, 2026 Record updated