Vulnerability Details CVE-2018-25212
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2018-25212
-
cpe:2.3:a:boxoft:wav_to_wma_converter:1.0