{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/alloksoft/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.4,"id":"CVE-2018-25315"}],"_cs_exploited":false,"_cs_products":["Video joiner 4.6.1217"],"_cs_severities":["high"],"_cs_tags":["buffer-overflow","code-execution","cve-2018-25315","windows"],"_cs_type":"advisory","_cs_vendors":["Alloksoft"],"content_html":"\u003cp\u003eAlloksoft Video Joiner version 4.6.1217 is susceptible to a buffer overflow vulnerability (CVE-2018-25315). This vulnerability allows a local attacker to execute arbitrary code on a vulnerable system. The attack involves crafting a malicious string and supplying it to the \u0026ldquo;License Name\u0026rdquo; field of the application during registration. Exploitation occurs due to the application\u0026rsquo;s failure to properly validate the length of the input, allowing a buffer overflow to occur. The attacker leverages Structured Exception Handler (SEH) overwrite and injects shellcode to gain code execution in the context of the application. This vulnerability was reported in April 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker gains local access to a system with Alloksoft Video Joiner 4.6.1217 installed.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies the \u0026ldquo;License Name\u0026rdquo; field within the application\u0026rsquo;s registration process as a potential vulnerability point.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious string that exceeds the expected buffer size for the \u0026ldquo;License Name\u0026rdquo; field.\u003c/li\u003e\n\u003cli\u003eThe malicious string includes an SEH overwrite payload, redirecting execution flow to the attacker\u0026rsquo;s controlled memory.\u003c/li\u003e\n\u003cli\u003eThe crafted string also contains shellcode designed to perform arbitrary code execution.\u003c/li\u003e\n\u003cli\u003eThe attacker inputs the malicious string into the \u0026ldquo;License Name\u0026rdquo; field and submits the registration form.\u003c/li\u003e\n\u003cli\u003eThe application attempts to process the oversized string, triggering a buffer overflow.\u003c/li\u003e\n\u003cli\u003eThe SEH overwrite redirects execution to the injected shellcode, granting the attacker arbitrary code execution within the context of the Alloksoft Video Joiner process.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this buffer overflow vulnerability allows a local attacker to execute arbitrary code with the privileges of the Alloksoft Video Joiner application. This could lead to complete system compromise, data theft, or installation of malware. While the specific number of affected users is unknown, any system running the vulnerable version of the software is at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor process creations for \u003ccode\u003eVideoJoiner.exe\u003c/code\u003e spawning unusual child processes, indicative of code execution stemming from the overflow.\u003c/li\u003e\n\u003cli\u003eConsider deploying network egress rules to block connections originating from \u003ccode\u003eVideoJoiner.exe\u003c/code\u003e to external IPs to prevent command and control.\u003c/li\u003e\n\u003cli\u003eImplement application control policies to prevent the execution of unsigned or untrusted code within the context of \u003ccode\u003eVideoJoiner.exe\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-29T20:16:27Z","date_published":"2026-04-29T20:16:27Z","id":"/briefs/2026-04-alloksoft-overflow/","summary":"Alloksoft Video Joiner 4.6.1217 is vulnerable to a local buffer overflow (CVE-2018-25315) allowing attackers to execute arbitrary code via a crafted license name.","title":"Alloksoft Video Joiner Buffer Overflow Vulnerability (CVE-2018-25315)","url":"https://feed.craftedsignal.io/briefs/2026-04-alloksoft-overflow/"},{"_cs_actors":[],"_cs_cves":[{"cvss":8.4,"id":"CVE-2018-25303"}],"_cs_exploited":false,"_cs_products":["Allok Video to DVD Burner 2.6.1217"],"_cs_severities":["high"],"_cs_tags":["cve","buffer overflow","seh overwrite"],"_cs_type":"advisory","_cs_vendors":["AllokSoft"],"content_html":"\u003cp\u003eA stack-based buffer overflow vulnerability exists in Allok Video to DVD Burner version 2.6.1217. This vulnerability, identified as CVE-2018-25303, resides within the \u0026ldquo;License Name\u0026rdquo; field of the application. A local attacker can exploit this flaw by crafting a malicious input designed to overwrite the Structured Exception Handler (SEH). Successful exploitation enables the attacker to execute arbitrary code within the context of the application. The vulnerability was reported on 2026-04-29. This is important for defenders because successful exploitation can lead to complete system compromise on vulnerable machines.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker gains local access to a system with Allok Video to DVD Burner 2.6.1217 installed.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious input string consisting of 780 bytes of arbitrary data.\u003c/li\u003e\n\u003cli\u003eThe attacker appends SEH chain pointers and shellcode to the crafted input string.\u003c/li\u003e\n\u003cli\u003eThe attacker opens the Allok Video to DVD Burner application and navigates to the registration window.\u003c/li\u003e\n\u003cli\u003eThe attacker pastes the malicious input string into the \u0026ldquo;License Name\u0026rdquo; field.\u003c/li\u003e\n\u003cli\u003eThe application attempts to process the oversized input, triggering the buffer overflow.\u003c/li\u003e\n\u003cli\u003eThe SEH is overwritten with the attacker\u0026rsquo;s controlled pointers.\u003c/li\u003e\n\u003cli\u003eThe shellcode is executed, giving the attacker arbitrary code execution on the system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows a local attacker to execute arbitrary code within the context of the Allok Video to DVD Burner application. This could lead to complete system compromise, including data theft, installation of malware, or other malicious activities. The vulnerability affects version 2.6.1217 of the software. The number of potential victims depends on the number of installations of the vulnerable software.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor process creations for Allok Video to DVD Burner and unusual child processes using the process creation rule below.\u003c/li\u003e\n\u003cli\u003eMonitor for registry modifications performed by the vulnerable application that may indicate persistence.\u003c/li\u003e\n\u003cli\u003eDue to the age of the application, consider whether it should continue to be used within the environment.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-29T20:16:25Z","date_published":"2026-04-29T20:16:25Z","id":"/briefs/2026-04-allok-video-buffer-overflow/","summary":"Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability (CVE-2018-25303) in the License Name field, allowing a local attacker to execute arbitrary code by triggering a structured exception handler (SEH) overwrite.","title":"Allok Video to DVD Burner Stack-Based Buffer Overflow Vulnerability (CVE-2018-25303)","url":"https://feed.craftedsignal.io/briefs/2026-04-allok-video-buffer-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed — AllokSoft","version":"https://jsonfeed.org/version/1.1"}