| Titre | SourceCodester Simple Computer Store System v1.0 Buffer Overflow |
|---|
| Description | The program uses the unsafe gets() function to read input into the PC.RAM buffer, which is a fixed-size character array (char RAM[100]). Since gets() does not perform any bounds checking, providing more than 100 characters will overflow the buffer and overwrite adjacent memory, leading to a classic stack buffer overflow vulnerability.
An attacker can exploit this by crafting input that overwrites control data such as the return address, enabling arbitrary code execution or program crashes. |
|---|
| La source | ⚠️ https://github.com/byxs0x0/cve/issues/6 |
|---|
| Utilisateur | wanglun (UID 73616) |
|---|
| Soumission | 27/05/2025 04:11 (il y a 11 mois) |
|---|
| Modérer | 28/05/2025 08:16 (1 day later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 310421 [SourceCodester Computer Store System 1.0 main.c Add laptopcompany/RAM/Processor buffer overflow] |
|---|
| Points | 20 |
|---|