A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 28 May 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Fabianros
Fabianros simple Hospital Management System
Weaknesses CWE-787
CPEs cpe:2.3:a:fabianros:simple_hospital_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Fabianros
Fabianros simple Hospital Management System

Mon, 12 May 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 10 May 2025 11:45:00 +0000

Type Values Removed Values Added
Description A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Title code-projects Simple Hospital Management System Add Information add stack-based overflow
Weaknesses CWE-119
CWE-121
References
Metrics cvssV2_0

{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-05-12T22:08:07.516Z

Reserved: 2025-05-09T12:43:04.032Z

Link: CVE-2025-4499

cve-icon Vulnrichment

Updated: 2025-05-12T21:47:59.921Z

cve-icon NVD

Status : Analyzed

Published: 2025-05-10T12:15:36.463

Modified: 2025-05-28T19:24:12.107

Link: CVE-2025-4499

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.