| Название | SourceCodester Simple Computer Store System v1.0 Buffer Overflow |
|---|
| Описание | The program uses the unsafe gets() function to read input into the PC.RAM buffer, which is a fixed-size character array (char RAM[100]). Since gets() does not perform any bounds checking, providing more than 100 characters will overflow the buffer and overwrite adjacent memory, leading to a classic stack buffer overflow vulnerability.
An attacker can exploit this by crafting input that overwrites control data such as the return address, enabling arbitrary code execution or program crashes. |
|---|
| Источник | ⚠️ https://github.com/byxs0x0/cve/issues/6 |
|---|
| Пользователь | wanglun (UID 73616) |
|---|
| Представление | 27.05.2025 04:11 (11 месяцы назад) |
|---|
| Модерация | 28.05.2025 08:16 (1 day later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 310421 [SourceCodester Computer Store System 1.0 main.c Add laptopcompany/RAM/Processor повреждение памяти] |
|---|
| Баллы | 20 |
|---|