Vulnerabilities ›

CVE-2018-25315

High

CWE-120 — Weakness Type

                    Published: Apr 29, 2026                      ·  Modified: May 6, 2026                      ·  Source: NVD                

CVSS v3

8.4

🔗 NVD Official

📄 Description (English)

Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.

🤖 AI Executive Summary

CVE-2018-25315 is a local buffer overflow vulnerability in Alloksoft Video Joiner 4.6.1217 that allows attackers with local access to execute arbitrary code through a malicious License Name field. The vulnerability exploits SEH overwrite mechanisms to inject and execute shellcode, posing a significant risk to systems where this video processing software is installed. With a CVSS score of 8.4 and no available patch, this represents a persistent threat requiring immediate mitigation.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 4, 2026 09:36

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily affects Saudi organizations using Alloksoft Video Joiner for media processing, including: media production companies, government media departments (under GCAM), educational institutions with video production labs, and corporate communications departments. The local execution requirement limits exposure but poses significant risk in shared workstation environments common in Saudi enterprises. Government agencies and critical infrastructure organizations should assess usage and implement compensating controls immediately.

🏢 Affected Saudi Sectors

Media and Broadcasting Government (GCAM, NCA) Education Corporate Communications Entertainment Production

🎯 MITRE ATT&CK Techniques

T1055 - Process Injection T1574 - Hijack Execution Flow T1059 - Command and Scripting Interpreter T1106 - Native API

⚖️ Saudi Risk Score (AI)

6.8

/ 10.0

🔧 Remediation Steps (English)

1. IMMEDIATE ACTIONS:

   - Inventory all systems running Alloksoft Video Joiner 4.6.1217

   - Restrict local access to systems with this software installed

   - Disable or uninstall the application if not critical to operations

   - Implement application whitelisting to prevent unauthorized execution



2. COMPENSATING CONTROLS:

   - Deploy Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) at OS level

   - Restrict user privileges on systems running the vulnerable software

   - Monitor process creation and memory injection attempts

   - Implement file integrity monitoring on application directories



3. DETECTION RULES:

   - Monitor for Alloksoft Video Joiner process spawning cmd.exe or powershell.exe

   - Alert on SEH chain modifications in memory

   - Track unusual file writes to system directories from video joiner process

   - Monitor registry modifications from the application



4. LONG-TERM:

   - Evaluate alternative video processing solutions

   - Contact vendor for security updates or migration path

   - Implement endpoint detection and response (EDR) solutions

🔧 خطوات المعالجة (العربية)

1. الإجراءات الفورية:

   - حصر جميع الأنظمة التي تعمل بـ Alloksoft Video Joiner 4.6.1217

   - تقييد الوصول المحلي للأنظمة التي يتم تثبيت هذا البرنامج عليها

   - تعطيل أو إلغاء تثبيت التطبيق إذا لم يكن حرجاً للعمليات

   - تطبيق قائمة بيضاء للتطبيقات لمنع التنفيذ غير المصرح به



2. الضوابط التعويضية:

   - نشر Data Execution Prevention (DEP) و Address Space Layout Randomization (ASLR) على مستوى نظام التشغيل

   - تقييد امتيازات المستخدم على الأنظمة التي تعمل بالبرنامج الضعيف

   - مراقبة إنشاء العمليات ومحاولات حقن الذاكرة

   - تطبيق مراقبة سلامة الملفات على مجلدات التطبيق



3. قواعد الكشف:

   - مراقبة عملية Alloksoft Video Joiner التي تنتج cmd.exe أو powershell.exe

   - تنبيهات على تعديلات سلسلة SEH في الذاكرة

   - تتبع عمليات الكتابة غير العادية للمجلدات النظامية من عملية معالج الفيديو

   - مراقبة تعديلات السجل من التطبيق



4. المدى الطويل:

   - تقييم حلول معالجة الفيديو البديلة

   - الاتصال بالمورد للحصول على تحديثات الأمان أو مسار الترحيل

   - تطبيق حلول الكشف والاستجابة على نقطة النهاية (EDR)

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.5.1.1 - Information security policies and procedures A.8.1.1 - User access management A.12.2.1 - Change management procedures A.12.6.1 - Management of technical vulnerabilities

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.IP-12 - Software, firmware, and information integrity mechanisms DE.CM-8 - Vulnerability scans are performed

🟡 ISO 27001:2022

A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy A.5.1.1 - Information security policies

🔗 References & Sources 4

🔗

http://www.alloksoft.com

disclosure@vulncheck.com

🔗

http://www.alloksoft.com/joiner.htm

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/44364

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/alloksoft-video-joiner-buffer-overflow-via-license...

disclosure@vulncheck.com

📊 CVSS Score

8.4

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score8.4

CWECWE-120

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-29

Source Feed nvd

🇸🇦 Saudi Risk Score

6.8

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-120

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2018-25315

💬 Comments

Introduce Yourself

Sign In Required