Home / Vulnerability Intelligence / CVE-2018-25314

CVE-2018-25314 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: April 29, 2026

Allok soft WMV to AVI MPEG DVD WMV Converter - Buffer Overflow

Published: April 29, 2026Updated: April 29, 2026

Overview

Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow caused by an oversized string in the License Name field, letting local attackers execute arbitrary code with application privileges, exploit requires local access.

Severity & Score

Severity: High

CVSS Score: 8.4

Impact

Local attackers can execute arbitrary code with application privileges, potentially compromising the system.

Mitigation

Update to the latest version of Allok soft WMV to AVI MPEG DVD WMV Converter.

References

http://www.alloksoft.com
http://www.alloksoft.com/wmv.htm
https://www.exploit-db.com/exploits/44365
https://www.vulncheck.com/advisories/allok-soft-wmv-to-avi-mpeg-dvd-wmv-converter-buffer-overflow

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2018-25314
Severity: High
CVSS Score: 8.4
Type: buffer_overflow
Status: rejected

CWE

CWE-120

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H