Skip to main content

Ray explains what Buffer Overflow means

News broke this week describing how hackers were able to exploit a vulnerability in Facebook owned messaging platform ‘WhatsApp’ and target a select number of users, cited to most likely include lawyers, journalists, activists and human rights defenders.

It was reported that a “buffer overflow” vulnerability was found in the voice over internet protocol (VOIP) and that the hackers were able to use this flaw to enable them to install surveillance software on the users device and ultimately read their messages.But what is a buffer overflow?

This week Ray Welland explains.

The full article can be read here.

“A buffer overflow is an exploit that hackers use to break the logical flow of applications. The buffer overflow is where an attacker sends input which is too large to fit inside the application’s allocated space, and ends up spilling out into adjacent memory space. Hackers will send a carefully constructed input to an application to overwrite the address where trusted code is stored with an address where the attacker’s code is stored so as to get the process to execute their malicious code instead such as installing a backdoor malware.”