Vulnerability Details CVE-2020-37161
Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with malicious payload. Attackers can craft a specially designed payload to trigger remote code execution, demonstrating the ability to run system commands like launching the calculator.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.4%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2020-37161
-
cpe:2.3:a:wedding-slideshow-studio:wedding_slideshow_studio:*