Analysis and Exploration of Vulnerabilities

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Analysis and Exploration of Vulnerabilities
Vulnerabilities
Vulnerability Assessment of Networked Systems
Enumeration and Information Leakage
Injection
Broken Authentication
XSS Cross Site Scripting
Concurrency
Buffers

Powered by GitBook

On this page

According to CAPEC-100
Scope

Buffer Overflow

PreviousMeltdown Type NextPopularity decline

Last updated 10 months ago

According to CAPEC-100

Targets improper or missing bounds checking on buffer operations.

Typically triggered by input injected by an adversary.

An adversary is able to write past the boundaries of allocated buffer regions in memory.

Causes a program crash or potentially redirection of execution as per the adversaries' choice.

Denial of Service;
(Remote) Code Execution.

Scope

CWE-119 is extremely broad as there are many types of BO.

Characteristics of a BO:

Type of access: Read or Write.
Type of memory: stack, heap.
Location: before or after the buffer.
Reason: iteration, copy, pointer arithmetic, memory clear, mapping.