| Название | SourceCodester Phone Contact Manager System in C++ with Source Code V1.0 Buffer Pollution |
|---|
| Описание | The function UserInterface::MenuDisplayStart() does not properly handle user input. When a user enters mixed characters (e.g., 1qqqqq), the std::cin >> choice operation successfully parses the numeric portion (1) and leaves the remaining characters (qqqqq) in the input buffer. Subsequent calls to getline(std::cin, name) consume these leftover characters, leading to the unintended assignment of invalid data (qqqqq) to the name variable.
This buffer pollution vulnerability allows invalid input to propagate through the program, causing data corruption and exposing the system to potential security risks. Immediate mitigation is recommended by implementing input validation, clearing the input buffer, and enhancing error handling. |
|---|
| Источник | ⚠️ https://github.com/jasontimwong/CVE/issues/1 |
|---|
| Пользователь | Jason huibin wong (UID 78722) |
|---|
| Представление | 05.12.2024 17:35 (1 Год назад) |
|---|
| Модерация | 08.12.2024 18:08 (3 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 287273 [SourceCodester Phone Contact Manager System 1.0 User Menu MenuDisplayStart Имя эскалация привилегий] |
|---|
| Баллы | 20 |
|---|