top of page
perceptive_background_267k.jpg

Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via stru…

Published:

28 mei 2026 om 22:00:00

Alert date:

29 mei 2026 om 17:11:09

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications

CVE-2018-25383 affects Free MP3 CD Ripper 2.8, containing a stack-based buffer overflow vulnerability in WMA file processing. Local attackers can exploit this by crafting malicious WMA files that trigger the overflow when loaded through the Convert function. The vulnerability allows bypassing DEP protection through structured exception handling manipulation. Successful exploitation enables arbitrary code execution via ROP chain gadgets and shellcode injection. This represents a significant security risk for users of the affected software version.

Technical details

Mitigation steps:

Affected products:

Free MP3 CD Ripper

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2018-25383
http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper
https://www.exploit-db.com/exploits/45565
https://www.vulncheck.com/advisories/free-mp3-cd-ripper-buffer-overflow-seh-dep-bypass

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page