Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?

Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?
A . VM escape
B . SQL injection
C . Buffer overflow
D . Race condition

View Answer

Answer: C

Explanation:

A buffer overflow is a vulnerability that occurs when an application writes more data to a memory buffer than it can hold, causing the excess data to overwrite adjacent memory locations. A register is a small storage area in the CPU that holds temporary data or instructions. An attacker can exploit a buffer overflow to overwrite a register with a malicious address that points to a shellcode, which is a piece of code that gives the attacker control over the system. By doing so, the attacker can bypass the normal execution flow of the application and execute arbitrary commands.

Reference: CompTIA Security+ SY0-701 Certification Study Guide, Chapter 2: Threats, Attacks, and Vulnerabilities, Section 2.3: Application Attacks, Page 76 1; Buffer Overflows – CompTIA Security+ SY0-701 – 2.3 2