| Titel | HOTEL_MANAGEMENT_SYSTEM stack overflow in edit function v1.0 Buffer Overflow |
|---|
| Beschreibung | The `edit()` function contains **two critical buffer overflow vulnerabilities** due to unsafe usage of:
1. `scanf("%[^\n]", roomnumber)` (no length restriction)
2. `gets(s.roomnumber)` (deprecated and highly unsafe)
An attacker can exploit these to **overwrite adjacent memory**, leading to **arbitrary code execution (RCE)** or **program crash (DoS)**.
|
|---|
| Quelle | ⚠️ https://github.com/zzzxc643/cve/blob/main/HOTEL_MANAGEMENT_SYSTEM.md |
|---|
| Benutzer | zzzxc (UID 81185) |
|---|
| Einreichung | 29.04.2025 07:25 (vor 12 Monaten) |
|---|
| Moderieren | 09.05.2025 14:44 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 308216 [code-projects Hotel Management System 1.0 Edit Room edit roomnumber Pufferüberlauf] |
|---|
| Punkte | 19 |
|---|