Code-Projects Student Information Management System Stack-Based Buffer Overflow Vulnerability

A stack-based buffer overflow vulnerability has been identified in Code-Projects Student Information Management System version 1.0. The issue arises in the 'cancel' function, where manipulation of the 'first_name' or 'last_name' arguments can lead to memory corruption. This vulnerability requires local exploitation and could potentially be used to execute arbitrary code.

Impact

Exploitation of this vulnerability causes a denial-of-service condition and could allow for arbitrary code execution, depending on the attacker's skill and intent.

Reproduction

To reproduce this vulnerability, access the 'cancel' function within the application. Manipulate the 'first_name' or 'last_name' arguments with carefully crafted input that exceeds the buffer size, causing a stack-based overflow. This can be done locally, given the nature of the vulnerability.