Buffer Overflows
(Page 1 of 3)

We discussed buffer overflows earlier in section 1.4.12, on software exploitation. Now we look at this vulnerability in more detail.

A buffer overflow is a condition which occurs when a software program tries to copy too much data into too small an area in the computer’s memory (called a buffer), causing the data to fill up that area and proceed to overwrite other areas of memory that follow the original area. Generally it results from programmers making an incorrect (too small) assumption about how much data is being moved.

How Do They Work?

Computers move data back and forth in memory by means of variables, which are blocks of memory, each of which has a location in memory and a size. If you think of each variable as being a pitcher of a certain size and in a certain location on a table full of pitchers, a buffer overflow might look like a huge pitcher of orange juice being poured into a small one, and the overflow juice, which needs somewhere to go, accidentally seeping over the edge of the small pitcher into the pitcher next to it (the next variable in memory). If the pitcher next door originally held fine Australian red wine, and the overflow replaces, or “overwrites”, any or all of the wine with orange juice, the next person who tries to use that pitcher of wine is going to find an unpleasant surprise. Much the same thing happens with buffer overflows on a computer. The excess data overflows into adjacent areas of memory, overwriting what was there.

Since the previous contents of that memory were likely in use before they were overwritten, when the software program next accesses that memory, it’s going to find unexpected contents, which may cause the program to misbehave or even crash.
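The pitcher analogy in C, as an added example that is not part of the original guide. The struct, the function names and the 8-byte sizes are assumptions chosen for illustration, and the unchecked copy is capped at the struct size so the spill lands only in the neighboring field.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Two adjacent variables: the small pitcher and the pitcher next to it. */
struct table {
    char small[8];
    char neighbor[8];
};

/* The bug: trusts n and never compares it with sizeof small. */
static int copy_unchecked(struct table *t, const char *src, size_t n)
{
    if (n > sizeof *t)      /* demo-only limit: keep the spill inside this struct */
        n = sizeof *t;
    memcpy((unsigned char *)t + offsetof(struct table, small), src, n);
    return 0;
}

/* The fix: refuse input that does not fit the destination buffer. */
static int copy_checked(struct table *t, const char *src, size_t n)
{
    if (n > sizeof t->small)
        return -1;
    memcpy(t->small, src, n);
    return 0;
}

typedef int (*copy_fn)(struct table *, const char *, size_t);

/* Returns 1 if the neighbor still holds "wine" after a 12-byte copy. */
static int neighbor_survives(copy_fn copy)
{
    struct table t;
    const char juice[] = "JJJJJJJJJJJJ";  /* constructed input: 12 bytes, 4 too many */
    memset(&t, 0, sizeof t);
    memcpy(t.neighbor, "wine", 5);
    copy(&t, juice, 12);
    return strcmp(t.neighbor, "wine") == 0;
}

int main(void)
{
    printf("unchecked copy, neighbor intact: %d\n", neighbor_survives(copy_unchecked));
    printf("checked copy,   neighbor intact: %d\n", neighbor_survives(copy_checked));
    return 0;
}
```

With the unchecked copy the four excess bytes replace "wine" in the neighboring field; the checked copy rejects the input and leaves both fields untouched.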

A more severe case of buffer overflow occurs when the excess data overflows not just the part of memory holding the program’s data, but also the part holding the program’s executable code. Program code works like a list of instructions. The computer goes through the list of instructions in order, performing each one on the list, just like you would when assembling a piece of IKEA furniture. If part of that list is overwritten by excess data from a buffer overflow, well, the computer doesn’t know any better, and it will continue to treat what’s there as a list of instructions, and try to follow them. If what’s there is random gobbledygook, the program will probably crash. If it’s carefully crafted gobbledygook that just happens to look exactly like the program code which would, for example, delete an important system file, it’ll do that too. The art of exploiting a buffer overflow, thus, requires knowledge of how to construct such sequences of instructions in computer machine language, as well as knowledge of how to get those sequences to be executed.


CertiGuide for Security+ ( on
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al. Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.