CVE-2018-25323 HIGH

CVE-2018-25323: Allok AVI DivX MPEG to DVD Converter 2.6.1217 Buffer Overflow SEH

Vendor Alloksoft
Product Allok AVI DivX MPEG to DVD Converter
Weakness CWE-120
Published May 17, 2026
Last update May 18, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH chain overwrite values, then paste the contents into the License Name field to trigger code execution.

Key dates

02Disclosure timeline

May 17, 2026 CVE published
May 18, 2026 Record updated