| Title | MOVIE TICKET BOOKING SYSTEM Buffer Overflow in Password Authentication Function v1.0 Buffer Overflow |
|---|
| Description | A stack-based buffer overflow vulnerability exists in the `changeprize` function of the `PRODUCT_MANAGEMENT_SYSTEM`. The vulnerability is caused by the use of `scanf("%s", &pass)` to read user input into a fixed-size buffer `pass[10]`, which can only safely hold 9 characters plus a null terminator. Since `scanf("%s")` does not enforce any length restriction, input of 10 or more bytes will overflow the buffer.
This overflow can lead to memory corruption, overwriting the adjacent hard-coded password buffer `pak[10]`, and potentially tampering with the function’s return address depending on the stack layout. This flaw can be exploited to cause a denial of service (DoS) or execute arbitrary code.
|
|---|
| Source | ⚠️ https://github.com/zzzxc643/cve/blob/main/MOVIE_TICKET_BOOKING_SYSTEM.md |
|---|
| User | zzzxc (UID 81185) |
|---|
| Submission | 04/28/2025 09:04 (1 Year ago) |
|---|
| Moderation | 05/09/2025 13:41 (11 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 306505 [code-projects Simple Movie Ticket Booking System 1.0 changeprize stack-based overflow] |
|---|
| Points | 0 |
|---|