

Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/ component.

Additional Information

CNVD has completed verification of this vulnerability, but it has not been publicly disclosed because the vulnerability has not been fixed.

Vulnerability Type

Buffer Overflow

Vendor of Product

CSAPP_Lab (Lab of CS:APP3e)

Affected Product Code Base

CSAPP Lab3 - 15-213, Fall 20xx (There's only one version.)

Affected Component

lab3 of csapp,lab3/

Attack Vectors

If the server deploys lab3 of csapp_lab, an attacker can access a specific URL to execute arbitrary code.


Yuchao He, Yijie Xun, Jiajia Liu, Yuwei Yang, Bomin Mao, Hongzhi Guo (all discoverers from Northwestern Polytechnical University)


For the POC, refer to another file in the same folder.