CVE-2018-25222
Stack-Based Buffer Overflow in SC v7.16 Enables Code Execution
Publication date: 2026-03-28
Last updated on: 2026-03-28
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibiblio | sc | up to and including 7.16 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows local attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability of the affected system.
Such a compromise could lead to unauthorized access or modification of sensitive data, which may result in non-compliance with data protection regulations like GDPR and HIPAA that require safeguarding personal and health information.
However, the provided information does not explicitly describe the direct effects on compliance with these standards.
Can you explain this vulnerability to me?
CVE-2018-25222 is a stack-based buffer overflow vulnerability in SC version 7.16 and earlier. It occurs because the application does not properly check the boundaries of user-supplied input, allowing an attacker to provide input longer than 1052 bytes.
This oversized input can overwrite the instruction pointer on the stack, enabling the attacker to execute arbitrary code within the context of the application.
If exploitation fails, the application may crash due to a segmentation fault.
How can this vulnerability impact me?
This vulnerability allows a local attacker to execute arbitrary code with the privileges of the vulnerable application.
- Execution of attacker-controlled shellcode can lead to full compromise of the application.
- If exploitation fails, it can cause a denial-of-service (DoS) condition by crashing the application.
The CVSS v4 base score of 8.6 reflects high impact on confidentiality, integrity, and availability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to run the vulnerable SC binary with an input string exceeding 1052 bytes to observe if a stack-based buffer overflow occurs.
A practical detection method is to execute a crafted buffer as an argument to the vulnerable binary `/usr/bin/sc` and monitor for crashes or segmentation faults (SIGSEGV), which indicate buffer overflow exploitation attempts.
- Use a command to run `/usr/bin/sc` with a crafted input buffer of over 1052 bytes, for example by creating a payload with a NOP sled and shellcode, then passing it as an argument.
- Monitor system logs or use debugging tools (e.g., gdb) to detect segmentation faults or abnormal termination of the SC process.
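The log-monitoring step above, as an added example (not part of the original page or of the sc project): a parser for the Linux x86 kernel segfault message that reports crashes of a process named `sc` and marks those whose instruction pointer lay outside any file-backed mapping. The log lines are constructed samples; the syslog prefix and the function name `sc_segfaults` are assumptions.

```python
import re

# Linux x86 kernel record for an unhandled user-space SIGSEGV, e.g.
#   sc[2817]: segfault at 41414141 ip 41414141 sp ffa1c3e0 error 14
# The trailing " in file[base+size]" is printed only when ip falls inside
# a file-backed mapping (the binary or a shared library).
SEGV = re.compile(
    r"\b(?P<comm>[^\s\[\]]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<module>[^\s\[]+)\[)?"
)

def sc_segfaults(lines, comm="sc"):
    """Return one dict per kernel segfault record for process name `comm`."""
    hits = []
    for line in lines:
        m = SEGV.search(line)
        if not m or m["comm"] != comm:
            continue  # not a segfault record, or a different program
        hits.append({
            "pid": int(m["pid"]),
            "fault_addr": int(m["addr"], 16),
            "ip": int(m["ip"], 16),
            "module": m["module"],
            # No module: execution had left the program's code, which is
            # what an overwritten saved instruction pointer produces.
            "ip_unmapped": m["module"] is None,
        })
    return hits

# Constructed sample lines (not taken from a real host).
SAMPLE = [
    "Mar 28 10:02:11 host kernel: sc[2817]: segfault at 41414141 "
    "ip 0000000041414141 sp 00000000ffa1c3e0 error 14",
    "Mar 28 10:05:40 host kernel: sc[2903]: segfault at 0 "
    "ip 000000000805a1b2 sp 00000000ffd2e110 error 4 in sc[8048000+5f000]",
    "Mar 28 10:07:02 host kernel: xsc[3001]: segfault at 10 "
    "ip 00007f3a1c2d4e10 sp 00007ffc5b0e2a40 error 4 in libc.so.6[7f3a1c200000+1b0000]",
    "Mar 28 10:08:15 host sshd[3100]: Accepted publickey for admin",
]

if __name__ == "__main__":
    for hit in sc_segfaults(SAMPLE):
        tag = "ip outside mapped code" if hit["ip_unmapped"] else f"in {hit['module']}"
        print(f"sc pid {hit['pid']} crashed, ip={hit['ip']:#x} ({tag})")
```

The kernel writes these records only while the `debug.exception-trace` sysctl is enabled, so confirm that setting before relying on the logs.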
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to the vulnerable SC application to prevent untrusted users from supplying oversized input.
Avoid running the vulnerable SC version 7.16 or earlier until a patched version is available.
Monitor and limit input sizes to the SC application to ensure they do not exceed 1052 bytes, preventing buffer overflow conditions.
Consider applying any available patches or updates from the vendor or switching to a more secure spreadsheet application.