CVE-2020-37176
Stack Overflow in Torrent 3GP Converter Enables Code Execution
Publication date: 2026-02-11
Last updated on: 2026-02-12
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| torrentrockyou | torrent_3gp_converter | 1.51 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'Torrent 3GP Converter version 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler (SEH) registers.'}, {'type': 'paragraph', 'content': 'This vulnerability is triggered when a maliciously crafted payload is input into the application\'s registration dialog, specifically in the "Code:" textbox.'}, {'type': 'paragraph', 'content': 'The exploit uses buffer overflow techniques to overwrite SEH, bypassing certain bad characters and protections, and ultimately executes shellcode that can run arbitrary commands, demonstrated by opening the Windows calculator.'}, {'type': 'paragraph', 'content': 'The vulnerability arises due to improper input handling and the lack of modern exploit mitigations such as ASLR and SafeSEH in the vulnerable executable.'}] [1]
How can this vulnerability impact me? :
An attacker who can locally access the vulnerable Torrent 3GP Converter 1.51 application can exploit this vulnerability to execute arbitrary code on your system.
This means the attacker could potentially run any command or program with the same privileges as the user running the application, leading to system compromise.
The exploit demonstrated opens the calculator application, but a real attacker could use this method to install malware, steal data, or perform other malicious actions.
Because the exploit requires local access and user interaction (pasting the payload into the registration dialog), remote exploitation is not indicated.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability is a local stack overflow in the Torrent 3GP Converter 1.51 application triggered by inputting a crafted payload into the "Code:" textbox in the "Register" dialog. Detection involves verifying if the application is present and testing the registration input for abnormal behavior or crashes.'}, {'type': 'paragraph', 'content': 'Since the exploit is local and targets the Windows platform, network detection is limited. Instead, detection can be done by monitoring the application for crashes or unexpected execution of programs like the Windows calculator (calc.exe) when interacting with the registration dialog.'}, {'type': 'paragraph', 'content': 'Suggested commands or steps to detect the vulnerability include:'}, {'type': 'list_item', 'content': 'Check if Torrent 3GP Converter 1.51 is installed on the system.'}, {'type': 'list_item', 'content': 'Manually open the application and navigate to the "Register" dialog.'}, {'type': 'list_item', 'content': 'Input a crafted payload similar to the one described in the exploit (e.g., using the provided Python script to generate "crash.txt" payload) into the "Code:" textbox.'}, {'type': 'list_item', 'content': 'Observe if the application crashes or if the Windows calculator opens unexpectedly, indicating successful exploitation.'}, {'type': 'paragraph', 'content': 'No specific network commands or automated detection commands are provided in the resources.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'Immediate mitigation steps for this vulnerability include:'}, {'type': 'list_item', 'content': 'Avoid using Torrent 3GP Converter version 1.51 until a patch or update is available.'}, {'type': 'list_item', 'content': 'Do not input untrusted or suspicious data into the application\'s registration dialog, especially in the "Code:" textbox.'}, {'type': 'list_item', 'content': 'If possible, uninstall the vulnerable application to eliminate the risk.'}, {'type': 'list_item', 'content': 'Restrict user permissions to prevent execution of local exploits and limit access to the application.'}, {'type': 'list_item', 'content': 'Monitor the system for unusual behavior such as unexpected application crashes or execution of programs like calc.exe triggered by the application.'}, {'type': 'paragraph', 'content': 'No official patches or updates are mentioned in the provided resources, so these steps focus on risk reduction until a fix is available.'}] [1]