Buffer overflow

nounid 1713·updated May 12, 2026

candidate

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.

MWE

Classifications

per-axis with provenance

Entity Type

Vulnerability0%rule-basedmulti_axis_classifier_low_confidence.v1

Sensitivity

—85%llm-generatedllm:claude-haiku-4-5

Information Class

—90%llm-generatedllm:claude-haiku-4-5

Variants

3 surface forms

plural: Buffer overflows
possessive: Buffer overflow's
pluralpossessive: Buffer overflows'

Framework definitions

6 senses across 6 frameworks

SANS Glossary of Security Terms1 senseview framework →

§1: A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

ISACA Cybersecurity Glossary1 senseview framework →

§1: Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold Scope Note: Since buffers are created to contain a finite amount of data, the extra information—which has to go somewhere—can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Federal Financial Institutions Examination Council (FFIEC) IT Examination Handbook Infobase, Glossary1 senseview framework →

§1: A condition at an interface under which more input can be placed into a buffer or data-holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially-crafted code that allows them to gain control of a system.

NISTIR 7298: Glossary of Key Information Security Terms, Revision 21 senseview framework →

§1: A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.

CNSSI-4009 (Glossary of Information Assurance Terms)1 senseview framework →

§1: A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.

NIST SP 800-281 senseview framework →

§1: A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.

Outgoing relationships

term as subject — 0 triples

No outgoing triples

This term is not the subject of any RDF-style relationship yet.

Incoming relationships

term as object — 0 triples

No incoming triples

No other term currently asserts a relationship to this one.