Stack overflow

Overflow vulnerability due to software coding error

Strictly speaking, a stack overflow is what happens when the amount of memory allocated to a program for its call stack is over-filled, causing the program to crash. In general use, particularly in security issues, the term 'stack overflow' refers to a stack buffer overflow, a type of buffer overflow taking place on the call stack.

A stack buffer overflow attack is an attempt to exploit a coding vulnerability in software, where the boundaries for data being passed onto the stack are inadequately controlled. This allows malicious data to be written to the stack in such a way that it overwrites other areas, which can then in turn lead to the data written to those areas being executed as program code. Many major malware attacks have exploited such vulnerabilities, including the hugely widespread Slammer and Blaster worms.

Glossary


	Similar entries Browser Helper Object Buffer overflow Command and control Cookie False positive Greyware Hacker tool Hosts file Man-in-the-middle attack Open redirect Potentially unwanted Riskware Rogue anti-malware Social engineering Vulnerability Web bug Zero-day exploit See also Glossary Resources

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

VB2012


	VB2012 will take place 26 - 28 September 2012 at the Fairmont Dallas hotel, Dallas, TX, USA.

Virus Bulletin currently has 224,239 registered users.

Fighting malware and spam

Stack overflow

See also