Search
Search Results (7 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25373 | 1 Socusoft | 1 Dvd Photo Slideshow Professional | 2026-05-26 | 8.4 High |
| SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious text file with carefully constructed payload containing junk bytes, SEH chain overwrite, and shellcode, then paste the contents into the Registration Name field via Help > Register to trigger code execution. | ||||
| CVE-2018-25375 | 1 Socusoft | 1 Ipod Photo Slideshow | 2026-05-26 | 8.4 High |
| SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload. | ||||
| CVE-2018-25376 | 1 Socusoft | 1 3gp Photo Slideshow | 2026-05-26 | 8.4 High |
| Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft malicious input in the Registration Name and Registration Key fields to overwrite the SEH chain and execute shellcode for reverse shell access. | ||||
| CVE-2019-25689 | 3 Bplugins, Html5videoplayer, Socusoft | 3 Html5 Video Player, Html5 Video Player, Html5 Video Player | 2026-04-17 | 8.4 High |
| HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process. | ||||
| CVE-2020-37028 | 1 Socusoft | 1 Photo 2 Video Converter | 2026-03-05 | 8.4 High |
| Socusoft Photo to Video Converter Professional 8.07 contains a local buffer overflow vulnerability in the 'Output Folder' input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the output folder field to trigger a stack-based buffer overflow and potentially execute shellcode. | ||||
| CVE-2017-12439 | 1 Socusoft | 1 Flash Slideshow Maker | 2025-04-20 | 7.5 High |
| SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross site scripting, and unvalidated redirection issues. | ||||
| CVE-2019-1010163 | 1 Socusoft | 1 Photo 2 Video Converter | 2024-11-21 | N/A |
| Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overflow - Local shell-code execution and Denial of Service. The impact is: Local privilege escalation (dependant upon conditions), shell code execution and denial-of-service. The component is: pdmlog.dll library. The attack vector is: The attacker must have access to local system (either directly, or remotley). | ||||
Page 1 of 1.