| 제목 | **Multiple Stack-Based Buffer Overflow Vulnerabilities in Hospital Management System** v1.0 Buffer Overflow |
|---|
| 설명 | A stack-based buffer overflow vulnerability exists in the add_item function of the PRODUCT_MANAGEMENT_SYSTEM. The vulnerability arises from the use of the unsafe gets() function to populate fixed-size character arrays (name[30] and disease[30]) within the x[100] array. Since gets() does not perform bounds checking, input longer than 29 characters will overflow the buffers.
This overflow can corrupt adjacent memory on the stack, including other patient records within the array, saved registers, local variables, and even the function's return address. As a result, attackers may exploit this flaw to cause a denial of service (DoS) or execute arbitrary code through crafted inputs. |
|---|
| 원천 | ⚠️ https://github.com/zzzxc643/cve/blob/main/Hospital%20Management%20System.md |
|---|
| 사용자 | zzzxc (UID 81185) |
|---|
| 제출 | 2025. 04. 29. AM 07:23 (12 개월 ago) |
|---|
| 모더레이션 | 2025. 05. 09. PM 02:43 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 308215 [code-projects Simple Hospital Management System 1.0 Add Information add x[i].name/x[i].disease 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|