| عنوان | HOTEL_MANAGEMENT_SYSTEM stack overflow in edit function v1.0 Buffer Overflow |
|---|
| الوصف | The `edit()` function contains **two critical buffer overflow vulnerabilities** due to unsafe usage of:
1. `scanf("%[^\n]", roomnumber)` (no length restriction)
2. `gets(s.roomnumber)` (deprecated and highly unsafe)
An attacker can exploit these to **overwrite adjacent memory**, leading to **arbitrary code execution (RCE)** or **program crash (DoS)**.
|
|---|
| المصدر | ⚠️ https://github.com/zzzxc643/cve/blob/main/HOTEL_MANAGEMENT_SYSTEM.md |
|---|
| المستخدم | zzzxc (UID 81185) |
|---|
| ارسال | 29/04/2025 07:25 AM (12 أشهر منذ) |
|---|
| الاعتدال | 09/05/2025 02:44 PM (10 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 308216 [code-projects Hotel Management System 1.0 Edit Room edit roomnumber تلف الذاكرة] |
|---|
| النقاط | 19 |
|---|