What type of vulnerability is a buffer overflow?

Prepare for the CISSP Domain 8 – Software Development Security Test. Study with flashcards and multiple-choice questions, each with hints and explanations. Get ready for your exam!

A buffer overflow is classified as a source code vulnerability because it arises from how developers handle memory allocation and data input in their programs. When a program attempts to store more data in a buffer (a contiguous block of memory) than the buffer can hold, the excess can overwrite adjacent memory, leading to unpredictable behavior. Exploiting this condition can enable an attacker to inject malicious code, alter program execution flow, or cause denial of service.

Understanding this vulnerability is crucial as it often stems from programming errors such as improper bounds checking or failure to validate input data. By addressing these coding practices during the software development life cycle, organizations can mitigate the risks associated with buffer overflows, enhancing the overall security of their applications.
