| 标题 | MOVIE TICKET BOOKING SYSTEM Buffer Overflow in Password Authentication Function v1.0 Buffer Overflow |
|---|
| 描述 | A stack-based buffer overflow vulnerability exists in the `changeprize` function of the `PRODUCT_MANAGEMENT_SYSTEM`. The vulnerability is caused by the use of `scanf("%s", &pass)` to read user input into a fixed-size buffer `pass[10]`, which can only safely hold 9 characters plus a null terminator. Since `scanf("%s")` does not enforce any length restriction, input of 10 or more bytes will overflow the buffer.
This overflow can lead to memory corruption, overwriting the adjacent hard-coded password buffer `pak[10]`, and potentially tampering with the function’s return address depending on the stack layout. This flaw can be exploited to cause a denial of service (DoS) or execute arbitrary code.
|
|---|
| 来源 | ⚠️ https://github.com/zzzxc643/cve/blob/main/MOVIE_TICKET_BOOKING_SYSTEM.md |
|---|
| 用户 | zzzxc (UID 81185) |
|---|
| 提交 | 2025-04-28 09時04分 (1 年前) |
|---|
| 管理 | 2025-05-09 13時41分 (11 days later) |
|---|
| 状态 | 重复 |
|---|
| VulDB条目 | 306505 [code-projects Simple Movie Ticket Booking System 1.0 changeprize 内存损坏] |
|---|
| 积分 | 0 |
|---|