CVE-2020-36967

Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.exploit-db.com/exploits/49084
https://www.vulncheck.com/advisories/zortam-mp-media-studio-remote-code-execution-seh
https://www.zortam.com/download.html
https://www.zortam.com/index.html
https://www.exploit-db.com/exploits/49084

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Zortam Mp3 Media Studio 27.60 contiene una vulnerabilidad de desbordamiento de búfer en el proceso de selección de archivos para la creación de librerías que permite la ejecución remota de código. Los atacantes pueden crear un archivo de texto malicioso con shellcode para desencadenar una sobrescritura del controlador de excepciones estructuradas (SEH) y ejecutar comandos arbitrarios en el sistema objetivo.

29 Jan 2026, 19:16

Type	Values Removed	Values Added
References	~~() https://www.exploit-db.com/exploits/49084 -~~	() https://www.exploit-db.com/exploits/49084 -

28 Jan 2026, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-28 18:16

Updated : 2026-04-15 00:35

NVD link : CVE-2020-36967

Mitre link : CVE-2020-36967

CVE.ORG link : CVE-2020-36967

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2020-36967", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-28T18:16:46.970", "references": [{"url": "https://www.exploit-db.com/exploits/49084", "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/zortam-mp-media-studio-remote-code-execution-seh", "source": "disclosure@vulncheck.com"}, {"url": "https://www.zortam.com/download.html", "source": "disclosure@vulncheck.com"}, {"url": "https://www.zortam.com/index.html", "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/49084", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system."}, {"lang": "es", "value": "Zortam Mp3 Media Studio 27.60 contiene una vulnerabilidad de desbordamiento de b\u00fafer en el proceso de selecci\u00f3n de archivos para la creaci\u00f3n de librer\u00edas que permite la ejecuci\u00f3n remota de c\u00f3digo. Los atacantes pueden crear un archivo de texto malicioso con shellcode para desencadenar una sobrescritura del controlador de excepciones estructuradas (SEH) y ejecutar comandos arbitrarios en el sistema objetivo."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "disclosure@vulncheck.com"}