


Perceptive Security
SOC/SIEM Consultancy

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary…
Published:
25 March 2026 at 23:00:00
Alert date:
26 March 2026 at 16:11:28
Source:
nvd.nist.gov
Security Tools
CVE-2018-25218 affects PassFab RAR Password Recovery version 9.3.2, which contains a structured exception handler (SEH) buffer overflow vulnerability. Local attackers can execute arbitrary code by supplying a malicious payload through the 'Licensed E-mail and Registration Code' field during registration. The vulnerability allows an attacker to craft a payload made up of buffer overflow, NSEH jump, and shellcode components. This represents a significant security risk for users of the affected password recovery software. The vulnerability has been documented, and proof-of-concept exploits are available.
Technical details
Mitigation steps:
Affected products:
PassFab RAR Password Recovery
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2018-25218
https://www.exploit-db.com/exploits/46008
https://www.passfab.com/downloads/passfab-rar-password-recovery.exe
https://www.passfab.com/products/rar-password-recovery.html
https://www.vulncheck.com/advisories/passfab-rar-password-recovery-seh-buffer-overflow
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
