Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.6
CVE-2018-25323: Allok AVI Converter 2.6.1217: Local Code Execution through Text File
CVE-2018-25323
Summary
A security flaw in Allok AVI Converter 2.6.1217 allows an attacker with access to the computer to run malicious code by pasting a specially crafted text file into the software. This can lead to unauthorized changes to the system or data theft. To protect your system, update the software to the latest version or consider replacing it with a more secure alternative.
Original title
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious pa...
Original description
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH chain overwrite values, then paste the contents into the License Name field to trigger code execution.
nvd CVSS3.1
8.4
nvd CVSS4.0
8.6
Vulnerability type
CWE-120
Classic Buffer Overflow
Published: 17 May 2026 · Updated: 24 May 2026 · First seen: 17 May 2026