CVE-2020-37161

Name of the Vulnerable Software and Affected Versions Wedding Slideshow Studio version 1.36

Description Wedding Slideshow Studio version 1.36 contains a buffer overflow that allows attackers to execute arbitrary code. This is achieved by overwriting the registration name field with a malicious payload. An attacker can craft a specific payload to trigger remote code execution, such as launching system commands like the calculator. The vulnerable parameter is the registration name field.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.