Stack Overflow Vulnerability
What is Stack Overflow Vulnerability?
Stack Overflow VulnerabilityA buffer overflow that occurs on the program stack, typically overwriting the saved return address or local function pointers to redirect execution.
A stack overflow vulnerability is the historical archetype of memory-corruption exploits: an unchecked write into a stack-allocated buffer overruns into the function's saved frame pointer or return address, allowing an attacker to redirect control flow to attacker-controlled bytes (shellcode or ROP gadgets). Defences include stack canaries (StackGuard, /GS), non-executable stacks (DEP/NX), address-space layout randomization (ASLR), shadow stacks and Intel CET, plus compiler-level FORTIFY_SOURCE and safer string handling. Despite decades of mitigation, classic stack overflows still appear in firmware, IoT, and legacy software, and remain a regular subject of CVEs and CTF challenges.
● Examples
- 01
CVE-2003-0352 (DCOM RPC) — Blaster worm leveraged a stack overflow.
- 02
CVE-2019-0708 (BlueKeep) — Remote Desktop service stack overflow.
● Frequently asked questions
What is Stack Overflow Vulnerability?
A buffer overflow that occurs on the program stack, typically overwriting the saved return address or local function pointers to redirect execution. It belongs to the Vulnerabilities category of cybersecurity.
What does Stack Overflow Vulnerability mean?
A buffer overflow that occurs on the program stack, typically overwriting the saved return address or local function pointers to redirect execution.
How do you defend against Stack Overflow Vulnerability?
Defences for Stack Overflow Vulnerability typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Stack Overflow Vulnerability?
Common alternative names include: Stack buffer overflow, Stack smashing.