CVE-2017-8367

high

Published 2017-04-30 · Modified 2026-05-13

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

7.8

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.8

Description

Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner, MP3/WAV/OGG/WMA/AC3 to CD Burner, MP3 WAV to CD Burner, My Video Converter, Easy AVI DivX Converter, Easy Video to iPod Converter, Easy Video to PSP Converter, Easy Video to 3GP Converter, Easy Video to MP4 Converter, and Easy Video to iPod/MP4/PSP/3GP Converter allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long username.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact

Vendor	Product	Versions
ether_software	easy_avi\/divx\/xvid_to_dvd_burner	`-`
ether_software	easy_avi_divx_converter	`-`
ether_software	easy_cd_dvd_copy	`-`
ether_software	easy_dvd_creator	`-`
ether_software	easy_mov_converter	`-`
ether_software	easy_mov_converter	`1.4.24`
ether_software	easy_mpeg\/avi\/divx\/wmv\/rm_to_dvd	`-`
ether_software	easy_mpeg_to_dvd_burner	`-`
ether_software	easy_rm_rmvb_to_dvd_burner	`-`
ether_software	easy_video_to_3gp_converter	`-`
ether_software	easy_video_to_ipod\/mp4\/psp\/3gp_converter	`-`
ether_software	easy_video_to_ipod_converter	`-`
ether_software	easy_video_to_mp4_converter	`-`
ether_software	easy_video_to_psp_converter	`-`
ether_software	easy_wmv\/asf\/asx_to_dvd_burner	`-`
ether_software	mp3\/avi\/mpeg\/wmv\/rm_to_audio_cd_burner	`-`
ether_software	mp3\/wav\/ogg\/wma\/ac3_to_cd_burner	`-`
ether_software	mp3_wav_to_cd_burner	`-`
ether_software	my_video_converter	`-`

References

CWEs

CWE-119

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.