| Title | Multiple Buffer Overflow Vulnerabilities in SIMPLE COLLEGE MANAGEMENT SYSTEM v1.0 Buffer Overflow |
|---|---|
| Description | A stack-based buffer overflow vulnerability exists due to the use of the unsafe `gets()` function to read input into fixed-size buffers `name[80]` and `branch[50]`. Since `gets()` does not perform any length checking, inputs exceeding 79 characters for `name` or 49 characters for `branch` will overflow the respective buffers. This can result in the corruption of adjacent stack variables, including other student records, as well as overwriting the function's return address or other control flow data. The vulnerability can be exploited to cause a denial of service (DoS) or potentially allow arbitrary code execution through carefully crafted input. |
| Source | https://github.com/zzzxc643/cve/blob/main/SIMPLE_COLLEGE_MANAGEMENT_SYSTEM.md |
| User | zzzxc (UID 81185) |
| Submission | 2025-04-28 09:03 (1 year ago) |
| Moderation | 2025-05-09 13:40 (11 days later) |
| Status | Accepted |
| VulDB Entry | 308194 [code-projects Simple College Management System 1.0 Add New Student input name/branch memory corruption] |
| Points | 20 |
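
A bounded replacement for the `gets()` reads described above, as an added example that is not code from the project or from the report. The struct layout, the function names and the `tmpfile()`-based constructed input are assumptions; only the sizes `name[80]` and `branch[50]` come from the description.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical record; only the sizes name[80] and branch[50] come from the report. */
struct student {
    char name[80];
    char branch[50];
};

/* Bounded replacement for gets(): read one line into dst (cap bytes incl. NUL).
 * Returns 0 if the line fit, 1 if it was too long (rejected, rest of the line
 * discarded so the next read starts on a fresh line), -1 on EOF or error. */
int read_field(FILE *in, char *dst, size_t cap)
{
    if (cap < 2 || fgets(dst, (int)cap, in) == NULL)
        return -1;
    size_t n = strcspn(dst, "\n");
    if (dst[n] == '\n') {           /* whole line fit: strip the newline */
        dst[n] = '\0';
        return 0;
    }
    int c = fgetc(in);              /* buffer full or EOF: look at what follows */
    if (c == EOF || c == '\n')
        return 0;                   /* exactly cap-1 characters, still fits */
    while ((c = fgetc(in)) != EOF && c != '\n')
        ;                           /* drain the oversized line */
    dst[0] = '\0';                  /* reject instead of silently truncating */
    return 1;
}

/* Returns -1 on EOF, else a bitmask: bit 0 = name rejected, bit 1 = branch rejected. */
int read_student(FILE *in, struct student *s)
{
    int rn = read_field(in, s->name, sizeof s->name);
    int rb = read_field(in, s->branch, sizeof s->branch);
    return (rn < 0 || rb < 0) ? -1 : (rn | (rb << 1));
}

/* Constructed input: a name of name_chars 'A' characters, then the branch "CSE". */
int run_constructed_input(size_t name_chars, struct student *out)
{
    FILE *f = tmpfile();
    if (f == NULL) return -1;
    for (size_t i = 0; i < name_chars; i++) fputc('A', f);
    fputs("\nCSE\n", f);
    rewind(f);
    int rc = read_student(f, out);
    fclose(f);
    return rc;
}
```

Draining the rest of an oversized line keeps the following `branch` read aligned with the user's next input instead of consuming the leftover characters of `name`.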