Buffer overflow

Exploit passing in more data than software expects

A buffer overflow is a vulnerability, or means of exploiting a vulnerability, in a piece of software designed to have data passed into it. In vulnerable software, the area set up to hold this data (the buffer) is inadequately defined and controlled. Thus, by passing the right amount of data in, an attacker can overflow the buffer and place data of their choice - such as code to disable defences or download further malicious code - into an area where it will be executed by the target system.

Buffer overflows are one of the most common forms of security vulnerability.
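The definition above can be seen in a few lines of C. This is an added example, not code from the original page; the names `NAME_CAP`, `store_name_unchecked` and `store_name_checked` are hypothetical and the inputs are constructed. It sets an unchecked copy into a fixed-size buffer beside a form that checks the length before writing anything.

```c
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16  /* constructed buffer size for this example */

/* Vulnerable form: copies until the NUL in src and never consults the
 * size of dst. Input longer than NAME_CAP - 1 bytes is written past the
 * end of the buffer into whatever memory follows it. Shown for contrast
 * only; it is never called here. */
void store_name_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Hardened form: the caller states the capacity, the length is checked
 * before any byte is written, and oversized input is rejected rather
 * than silently truncated. Returns 0 on success, -1 on rejection. */
int store_name_checked(char *dst, size_t cap, const char *src)
{
    if (dst == NULL || src == NULL || cap == 0)
        return -1;
    /* Look for the terminator within the first cap bytes only. */
    const char *nul = memchr(src, '\0', cap);
    if (nul == NULL) {           /* string plus NUL does not fit */
        dst[0] = '\0';           /* leave a valid empty string behind */
        return -1;
    }
    size_t len = (size_t)(nul - src);
    memcpy(dst, src, len + 1);   /* len + 1 <= cap is guaranteed here */
    return 0;
}

int main(void)
{
    char name[NAME_CAP];
    const char *ok = "alice";                           /* constructed input */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAA";  /* 24 bytes, constructed */

    printf("fits:     %d\n", store_name_checked(name, sizeof name, ok));
    printf("too long: %d\n", store_name_checked(name, sizeof name, too_long));
    return 0;
}
```

Rejecting oversized input, rather than truncating it, keeps the failure visible to the caller and to logging.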
