8.6
CVE-2018-25260
- EPSS 0.21%
- Veröffentlicht 22.04.2026 14:56:57
- Zuletzt bearbeitet 29.04.2026 23:32:32
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
LoginMAGIX Music Editor 3.1 Buffer Overflow via SEH
MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Magix ≫ Music Editor Deluxe Version <= 3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.116 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| disclosure@vulncheck.com | 8.6 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| disclosure@vulncheck.com | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://www.exploit-db.com/exploits/46056
https://www.magix.com/us/
https://www.magix.com/us/music/mp3-deluxe/
https://www.vulncheck.com/advisories/magix-music-editor-buffer-overflow-via-seh