WHAT IS A BUFFER OVERFLOW?
Buffers provide a temporary area for programs to store data. A buffer overflow, also known as a buffer overrun, occurs when a program overruns a buffer's boundary and overwrites adjacent memory locations in the process. When a program or system process places more data in a buffer than the buffer was allocated to hold, the extra data “overflows” into other buffers, overwriting or corrupting the data they were holding.
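The overwrite of adjacent memory described above, shown as an added example (not code from the original page): a copy that ignores the buffer's size next to one that checks it. The struct, the function names and the sample input are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record: an 8-byte buffer with another field right after it. */
struct record {
    char name[8];
    unsigned char is_admin;   /* the "adjacent memory" in this demo */
};
_Static_assert(offsetof(struct record, is_admin) == 8, "no padding expected");

/* Vulnerable: never compares len with sizeof r->name. The copy is capped at
   the struct size only so the demo stays inside one object and is repeatable. */
static void store_unchecked(struct record *r, const char *src, size_t len)
{
    if (len > sizeof *r) len = sizeof *r;
    memcpy(r, src, len);
}

/* Hardened: refuses input that does not fit, leaving room for the NUL. */
static int store_checked(struct record *r, const char *src, size_t len)
{
    if (len >= sizeof r->name) return -1;
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

/* Store input in a fresh record and report is_admin afterwards; *rc is the
   checked function's result, or 0 for the unchecked path. */
static int admin_after(int checked, const char *in, size_t len, int *rc)
{
    struct record r = { "", 0 };
    *rc = 0;
    if (checked) *rc = store_checked(&r, in, len);
    else store_unchecked(&r, in, len);
    return r.is_admin;
}

int main(void)
{
    const char input[] = "AAAAAAAA\x01";   /* constructed: 9th byte is past name */
    int rc;
    printf("unchecked: is_admin=%d\n", admin_after(0, input, 9, &rc));
    printf("checked:   is_admin=%d", admin_after(1, input, 9, &rc));
    printf(" rc=%d\n", rc);
    return 0;
}
```

With the unchecked copy, the ninth input byte lands on is_admin; the checked copy rejects the same input and the neighboring field keeps its value.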
There are two types of buffer overflows: stack-based and heap-based. Heap-based buffer overflows attack an application by flooding the memory space reserved for a program. Stack-based buffer overflows, which are more common among attackers, exploit applications and programs through what is known as the stack, the memory space used to store user input.
A buffer overflow attack exploits a buffer overflow vulnerability that allows the inclusion of extra data holding specific instructions for the actions a hacker or malicious user wants carried out. For example, the data could trigger a buffer overflow exploit that damages files, changes data, or even reveals sensitive or private information.