Buffer Overflow
Understanding Buffer Overflow Attacks: A Threat to Software Integrity
What is buffer overflow?
Buffers provide a temporary area for programs to store data. A buffer overflow, also known as a buffer overrun, occurs when a program overruns a buffer's boundary and overwrites adjacent memory locations in the process. When a program or system process places more data in a buffer than was originally allocated for it, the extra data “overflows,” leaking into other buffers and overwriting or corrupting the data they were holding.
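The overwrite described above, shown as an added example that is not part of the original page: an unchecked copy spills into the neighbouring data, while a length-checked copy rejects the oversized input. The `region` layout, the function names and the sample input are all constructed for illustration, and the buffer and its neighbour are modelled inside one array so the demonstration stays well-defined C.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8 /* bytes the program meant to reserve for input */

/* Constructed layout: an 8-byte input buffer directly followed by an
   8-byte neighbouring value. Both live in one array so that writing
   past the first 8 bytes is still defined behaviour in this model. */
struct region { char mem[2 * BUF_SIZE]; };

static void region_init(struct region *r) {
    memset(r->mem, 0, sizeof r->mem);
    memcpy(r->mem + BUF_SIZE, "SAFEDATA", BUF_SIZE); /* neighbour's data */
}

/* Unchecked copy: trusts the supplied length and never compares it with
   BUF_SIZE. In this model len must not exceed sizeof r->mem. */
static void copy_unchecked(struct region *r, const char *src, size_t len) {
    memcpy(r->mem, src, len);
}

/* Checked copy: refuses input that does not fit. 0 = copied, -1 = rejected. */
static int copy_checked(struct region *r, const char *src, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(r->mem, src, len);
    return 0;
}

/* 1 if the neighbouring value still holds its original bytes, else 0. */
static int neighbour_intact(const struct region *r) {
    return memcmp(r->mem + BUF_SIZE, "SAFEDATA", BUF_SIZE) == 0;
}

int main(void) {
    const char input[] = "AAAAAAAAAAAA"; /* constructed: 12 bytes, 4 too many */
    struct region r;

    region_init(&r);
    copy_unchecked(&r, input, sizeof input - 1);
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&r));

    region_init(&r);
    int rc = copy_checked(&r, input, sizeof input - 1);
    printf("checked: rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&r));
    return 0;
}
```

In real code the unchecked case is undefined behaviour rather than a tidy overwrite, which is why the bounds check has to happen before the copy.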
Types of buffer overflow attacks
There are two types of buffer overflow attacks: stack-based and heap-based. Heap-based buffer overflows attack an application by flooding the memory space reserved for a program. Stack-based buffer overflows, which are more common among attackers, exploit applications and programs by using what is known as a stack, the memory space used to store user input.
What is a buffer overflow attack?
A buffer overflow attack exploits a buffer overflow vulnerability to include extra data holding specific instructions for the actions a hacker or malicious user desires; for example, the data could trigger actions that damage files, change data, or even reveal sensitive or private information.