code-projects Police FIR Record Management System
cpe:2.3:a:code-projects:police_fir_record_management_system:*:*:*:*:*:*:*
- 1.0
A critical stack-based buffer overflow vulnerability has been identified in the Police FIR Record Management System version 1.0. The issue arises in the Delete Record Handler component, where the filename parameter in the deleterecord function can be manipulated without proper length restrictions. This vulnerability requires local exploitation and has been publicly disclosed.
Exploitation of this vulnerability leads to a stack-based buffer overflow, causing a crash and potentially allowing for arbitrary code execution.
To reproduce this vulnerability, open the application and navigate to the Delete Record function. Enter a payload into the filename parameter that exceeds the 16-byte limit, which overflows the stack buffer. The application then fails with an 'EXCEPTION_ACCESS_VIOLATION' error, indicating that the overflow was triggered.
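The advisory does not include the application's source, so the following C code is an added illustration and not code from the project. It shows an unbounded read into a 16-byte stack buffer that matches the description (as a comment only), next to a bounded replacement that rejects over-long names; the function names, the `scanf` pattern and the 64-byte scratch buffer are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF 16   /* buffer size taken from the advisory's 16-byte limit */

/* Unsafe pattern (assumed, shown as a comment only):
 *     char filename[NAME_BUF];
 *     scanf("%s", filename);      // no width: 16+ bytes overrun the stack
 */

/* Copy src into a 16-byte buffer only if it fits with its terminator.
 * Rejects instead of truncating, so a delete never acts on a shortened name.
 * Returns 0 on success, -1 on empty or over-long input. */
int copy_filename(char dst[NAME_BUF], const char *src)
{
    const char *end = memchr(src, '\0', NAME_BUF);  /* scan at most 16 bytes */
    if (end == NULL || end == src)
        return -1;
    memcpy(dst, src, (size_t)(end - src) + 1);
    return 0;
}

/* Read one line from `in` and validate it as a filename. */
int read_filename(FILE *in, char dst[NAME_BUF])
{
    char line[64];                       /* scratch size is an assumption */
    if (fgets(line, sizeof line, in) == NULL)
        return -1;
    size_t n = strcspn(line, "\r\n");
    if (line[n] == '\0' && n == sizeof line - 1) {
        /* Line longer than the scratch buffer: discard the rest of it. */
        int c;
        while ((c = fgetc(in)) != EOF && c != '\n')
            ;
        return -1;
    }
    line[n] = '\0';
    return copy_filename(dst, line);
}

int main(void)
{
    char filename[NAME_BUF];
    printf("Enter filename to delete: ");
    if (read_filename(stdin, filename) != 0) {
        fprintf(stderr, "rejected: name must be 1-%d bytes\n", NAME_BUF - 1);
        return 1;
    }
    printf("would delete: %s\n", filename);
    return 0;
}
```

Rejecting instead of truncating matters for a delete operation, because a silently shortened name could refer to a different record file.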