Heap overflow attacks cause problems and then exploit system explains some Heap Overflow attacks


This is an important sentence and diagram( from the

“Where the details of stack overflow exploitation rely on the specifics of hardware architecture, heap overflows are reliant on the way certain operating systems and libraries manage heap memory. Here I restrict the discussion of heap overflows to a specific environment: a Linux system running on an Intel x86 platform, using the default GNU libc heap implementation (based on Doug Lea’s dlmalloc). While this situation is specific, the techniques I discuss apply to other systems, including Solaris and Windows.”

“Heap overflows can result in compromises of both sensitive data (overwriting filenames and other variables on the heap) and logical program flow (through heap control structure and function pointer modification). I discuss the threat of compromising logical program flow here, along with a conceptual explanation and diagrams.”


What matters from this tutorial is that programs can write in areas when and where they should not (in the heap – on the Operating system), and thus then perform functions the hacker wants done.


Hackers are unique individuals, they can make a computer do things that you do not want done. If a button is clicked or a website visited a program could execute that overflows and then executes the hacker program.  Once hacker programs start to run on your computer it is over and your system is compromised.

Once the system is compromised there will not be any bells ringing, or flashing lights, the machine will run as normal, except maybe just a bit slower. And of course a nefarious hacker is running inside – doing what the hacker wants done.

man-in-the-browser     Here is a sample attack when website (malware = Heap overflow program)


Here is an IBM security explanation:


This event detects the network transfer of HTML and JavaScript code that appear to exploit a memory-corruption vulnerability in Internet Explorer and lead to the execution of code provided by a remote attacker.