CVE-2018-25315 HIGH

CVE-2018-25315: Alloksoft Video joiner 4.6.1217 Buffer Overflow via License Name

Vendor Alloksoft
Product Video Joiner
Weakness CWE-120
Published April 29, 2026
Last update April 30, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.

Key dates

02Disclosure timeline

April 29, 2026 CVE published
April 30, 2026 Record updated