# CVE-2018-25267

> Vulnerability · severity: **MEDIUM** (CVSS 6.2).

## Description

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash.

## Key facts

- **CVE ID:** CVE-2018-25267
- **Published:** 2026-04-22
- **CVSS severity:** MEDIUM
- **CVSS base score:** 6.2
- **CWE codes:** CWE-787

## Affected products

- `ezbsystems:ultraiso`

## Primary sources

- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2018-25267

## Citation

> AI Analytics. CVE-2018-25267. Retrieved 2026-06-26 from https://api.ai-analytics.org/cve/CVE-2018-25267. Derived from NIST NVD. Licensed CC0.

---

*[Dataset catalog](https://api.ai-analytics.org/datasets/) · [AI Analytics](https://api.ai-analytics.org/) · CC0 1.0*