CVE-2018-25356

Received Received - Intake

BaseFortify

Publication date: 2026-05-23

Last updated on: 2026-05-23

Assigner: VulnCheck

Description

SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -log_file parameters, causing strcpy to write beyond buffer boundaries in sipp.cpp.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-05-23

Last Modified

2026-05-23

Generated

2026-05-26

EPSS Evaluated

N/A

NVD

CVE-2018-25356

EUVD

EUVD-2018-21877

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-120	The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

Attack-Flow Graph

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2018-25356

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

Ask Our AI Assistant

EPSS Chart