CVE-2020-37013

Sažetak

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields.

Reference

https://archive.org/details/tucows_288670_Audio_Playback_Recorder
https://web.archive.org/web/20210105222148/https://whitecr0wz.github.io/assets/img/Findings11/11-proof.gif
https://www.exploit-db.com/exploits/48796
https://www.vulncheck.com/advisories/audio-playback-recorder-local-buffer-overflow-seh
https://www.exploit-db.com/exploits/48796

CVSS

Base:	8.4
Impact:	5.9
Exploitability:	2.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

29-01-2026 - 17:16

Objavljeno

29-01-2026 - 15:16