CVE-2018-25211

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2018-25211
Allok Video Splitter 3.1.1217 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service or execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious payload exceeding 780 bytes, paste it into the License Name registration field, and trigger the overflow when the Register button is clicked.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://www.alloksoft.com/ Product
https://www.exploit-db.com/exploits/44605 Exploit VDB Entry
https://www.vulncheck.com/advisories/allok-video-splitter-buffer-overflow-via-license-name Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:alloksoft:video_splitter:3.1.1217:*:*:*:*:*:*:*
History

27 Mar 2026, 18:27

Type Values Removed Values Added
References () http://www.alloksoft.com/ - () http://www.alloksoft.com/ - Product
References () https://www.exploit-db.com/exploits/44605 - () https://www.exploit-db.com/exploits/44605 - Exploit, VDB Entry
References () https://www.vulncheck.com/advisories/allok-video-splitter-buffer-overflow-via-license-name - () https://www.vulncheck.com/advisories/allok-video-splitter-buffer-overflow-via-license-name - Third Party Advisory
CPE cpe:2.3:a:alloksoft:video_splitter:3.1.1217:*:*:*:*:*:*:*
Summary
  • (es) Allok Video Splitter 3.1.1217 contiene una vulnerabilidad de desbordamiento de búfer que permite a atacantes locales causar una denegación de servicio o ejecutar código arbitrario al proporcionar una cadena de tamaño excesivo en el campo Nombre de Licencia. Los atacantes pueden crear una carga útil maliciosa que exceda los 780 bytes, pegarla en el campo de registro Nombre de Licencia y activar el desbordamiento cuando se hace clic en el botón Registrar.
First Time Alloksoft
Alloksoft video Splitter

26 Mar 2026, 14:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-26 14:16

Updated : 2026-03-27 18:27

NVD link : CVE-2018-25211

Mitre link : CVE-2018-25211

CVE.ORG link : CVE-2018-25211

JSON object : View

Products Affected

alloksoft

  • video_splitter
CWE
CWE-787

Out-of-bounds Write