{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25212", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-26T13:13:57.189Z", "datePublished": "2026-03-26T13:24:13.757Z", "dateUpdated": "2026-03-26T13:24:13.757Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-26T13:24:13.757Z"}, "datePublic": "2018-07-08T00:00:00.000Z", "title": "Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH", "descriptions": [{"lang": "en", "value": "Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Boxoft", "product": "WAV to WMA Converter", "versions": [{"version": "1.0", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/44989", "name": "ExploitDB-44989", "tags": ["exploit"]}, {"url": "http://www.boxoft.com/wav-to-wma/", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/boxoft-wav-wma-converter-local-buffer-overflow-seh"}], "credits": [{"lang": "en", "value": "Achilles", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems."}], "id": "CVE-2018-25212", "lastModified": "2026-03-26T15:13:15.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-26T14:16:04.740", "references": [{"source": "disclosure@vulncheck.com", "url": "http://www.boxoft.com/wav-to-wma/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/44989"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/boxoft-wav-wma-converter-local-buffer-overflow-seh"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "wav_to_wma_converter", "vendor": "boxoft"}], "analysis": {"en": {"generated_at": "2026-03-26T15:29:51.143847+00:00", "value": {"mitigation_remediation": ["Check the Boxoft website or vendor portal for an updated version or patch that addresses the buffer overflow.", "If no patch is available, uninstall or disable the WAV to WMA Converter to prevent its use.", "Do not open or process WAV files from untrusted sources until the vulnerability is addressed."], "summary": {"action": "Immediate Patch", "impact": "Local code execution via SEH buffer overflow"}, "threat_synthesis": {"affected_systems": "The affected product is Boxoft\u2019s WAV to WMA Converter, version 1.0, which runs on Windows operating systems. No other versions or products were mentioned in the advisory; the exploitation relies on the Windows SEH mechanism.", "description_and_impact": "Boxoft wav-wma Converter version 1.0 contains a local buffer overflow in its structured exception handling (SEH) logic. A malicious WAV file with excessive data can overwrite the SEH chain and redirect execution to a Return-Oriented Programming chain created by an attacker, resulting in arbitrary code execution with the privileges of the user running the converter. The flaw corresponds to CWE-787, a classic buffer overrun that directly leads to code execution.", "risk_and_exploitability": "The CVSS score of 8.6 indicates high severity, and the vulnerability is not listed in the KEV catalog. EPSS information was not published. The exploit requires local file access or the ability to influence which file the converter opens; the description implies that a specially crafted WAV file can trigger the buffer overflow when opened. This inference is based on the stated need to supply such a file and is not explicitly confirmed in the advisory. If an attacker can supply or persuade a user to open a malicious file, the vulnerability can be exploited without authentication."}}}}, "created": "2026-03-27T08:34:29.547297+00:00", "updated": "2026-03-27T09:28:18.030897+00:00", "vendors": ["boxoft", "boxoft$PRODUCT$wav_to_wma_converter"]}