Code-Projects Simple Bus Reservation System Stack-Based Buffer Overflow Vulnerability

Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in Code-Projects Simple Bus Reservation System version 1.0. The flaw is in the 'install' function of the 'Install Bus' component, which handles the 'bus' argument without proper bounds checking. It is exploitable locally, potentially leading to arbitrary code execution or a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition by causing the application to crash.

Reproduction

The vulnerability can be reproduced by entering a string of characters longer than the buffer when prompted for a bus number. The input overflows the stack buffer, and the application crashes with an access violation exception.
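The advisory does not include the affected source, so the following is an added example and not the project's code: a bounded read for a bus-number prompt that rejects overlong input instead of copying it onto the stack. The helper name `read_bus_number`, the 8-byte field size, the letters-and-digits rule and the return codes are all assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define BUS_NO_MAX 8 /* assumed field size; the advisory gives no buffer length */

enum { BUS_OK = 0, BUS_EOF = -1, BUS_TOO_LONG = -2, BUS_INVALID = -3 };

/* Hypothetical helper: read one line from `in` into dst (capacity dstsz).
 * Never writes past dst; an overlong line is drained and rejected. */
int read_bus_number(FILE *in, char *dst, size_t dstsz)
{
    int c;
    if (dstsz < 2 || fgets(dst, (int)dstsz, in) == NULL)
        return BUS_EOF;

    size_t n = strcspn(dst, "\n");
    if (dst[n] == '\n') {
        dst[n] = '\0';                  /* whole line fit, strip newline */
    } else if ((c = fgetc(in)) != EOF && c != '\n') {
        /* Line is longer than the buffer: discard the rest so the next
         * prompt does not consume leftover bytes, then reject. */
        while ((c = fgetc(in)) != EOF && c != '\n')
            ;
        dst[0] = '\0';
        return BUS_TOO_LONG;
    }

    if (n == 0) return BUS_INVALID;     /* empty input */
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)dst[i])) {
            dst[0] = '\0';
            return BUS_INVALID;         /* allow only letters and digits */
        }
    return BUS_OK;
}

int main(void)
{
    char bus[BUS_NO_MAX];
    printf("Bus number: ");
    int rc = read_bus_number(stdin, bus, sizeof bus);
    if (rc != BUS_OK) {
        fprintf(stderr, "rejected input (code %d)\n", rc);
        return 1;
    }
    printf("accepted: %s\n", bus);
    return 0;
}
```

Draining the rest of an overlong line matters as much as the length limit: without it, the leftover bytes would be consumed by the next prompt.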

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 7.5
exploitability: 5.4
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.