CVE-2018-25383NVD

Vulnerability Summary

Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation. Attackers can craft a malicious WMA file that triggers the overflow when loaded through the Convert function, enabling execution of arbitrary code through ROP chain gadgets and shellcode injection.

Severity Level

HIGH(8.4)

Published Date

May 29, 2026

Last Modified

May 29, 2026

Exploitation Status

UNKNOWN

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://www.exploit-db.com/exploits/45565
http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper
https://www.vulncheck.com/advisories/free-mp3-cd-ripper-buffer-overflow-seh-dep-bypass