Boxoft: Security Vulnerabilities
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-03-26
Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.
CVSS Score
7.5
EPSS Score
0.733
Published
2015-09-18