Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.6
CVE-2018-25322: Allok Fast AVI MPEG Splitter 1.2 can run malicious code when given a special license name
CVE-2018-25322
Summary
A security issue in Allok Fast AVI MPEG Splitter 1.2 allows an attacker to run unauthorized code on a local computer. This could potentially be used to access or modify sensitive data. Update to the latest version of the software to fix this issue.
Original title
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers c...
Original description
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the License Name field to trigger the overflow and execute code with application privileges.
nvd CVSS3.1
8.4
nvd CVSS4.0
8.6
Vulnerability type
CWE-121
Stack-based Buffer Overflow
Published: 17 May 2026 · Updated: 24 May 2026 · First seen: 17 May 2026