What is a buffer overflow attack?

D2 · Threats · CompTIA Security+ SY0-701
A buffer overflow occurs when a program writes more data to a fixed-size memory buffer than it can hold, overwriting adjacent memory. An attacker can use this to overwrite the return address and redirect execution to malicious code.

Types: stack overflow (the most common form; it overwrites the saved return address on the stack) and heap overflow (corrupts heap metadata or adjacent heap objects).

Buffer overflows are a memory safety vulnerability, most common in C/C++ programs, where array and buffer bounds are not checked automatically. Mitigations include ASLR (Address Space Layout Randomization), DEP/NX (non-executable memory pages), stack canaries, and memory-safe languages.
โ† Back to Glossary Practice Questions โ†’