VYPR
High severity8.4NVD Advisory· Published Mar 28, 2026· Updated Apr 8, 2026

CVE-2018-25225

CVE-2018-25225

Description

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sipp/Sipp2 versions
    cpe:2.3:a:sipp_project:sipp:3.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sipp_project:sipp:3.3:*:*:*:*:*:*:*
    • (no CPE)range: 3.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.