| शीर्षक | **Multiple Stack-Based Buffer Overflow Vulnerabilities in Hospital Management System** v1.0 Buffer Overflow |
|---|
| विवरण | A stack-based buffer overflow vulnerability exists in the add_item function of the PRODUCT_MANAGEMENT_SYSTEM. The vulnerability arises from the use of the unsafe gets() function to populate fixed-size character arrays (name[30] and disease[30]) within the x[100] array. Since gets() does not perform bounds checking, input longer than 29 characters will overflow the buffers.
This overflow can corrupt adjacent memory on the stack, including other patient records within the array, saved registers, local variables, and even the function's return address. As a result, attackers may exploit this flaw to cause a denial of service (DoS) or execute arbitrary code through crafted inputs. |
|---|
| स्रोत | ⚠️ https://github.com/zzzxc643/cve/blob/main/Hospital%20Management%20System.md |
|---|
| उपयोगकर्ता | zzzxc (UID 81185) |
|---|
| सबमिशन | 29/04/2025 07:23 AM (12 महीनों पहले) |
|---|
| संयम | 09/05/2025 02:43 PM (10 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 308215 [code-projects Simple Hospital Management System 1.0 Add Information add x[i].name/x[i].disease बफ़र ओवरफ़्लो] |
|---|
| अंक | 20 |
|---|