Unit 3 - 2.3.1 Application Vulnerabilitites

A technique to insert or manipulate code within the address space of a running process.

A method to enhance the functionality of a program by injecting additional memory resources.

A process to debug software applications by injecting code snippets into memory.

A mechanism to prevent unauthorized access to memory locations in a computer system.

It's a social engineering attack that exploits human habits.

It occurs when a buffer is filled and then extra data is added, leading to memory corruption.

It's a debugging technique to enhance the functionality of software applications.

It happens when an attacker hijacks cookies used to authenticate users on websites.

They can result in the theft of sensitive information.

They can lead to the unauthorized access of computer systems.

They can cause unintended behavior or system crashes by overwriting adjacent memory locations.

They can compromise the integrity of software updates.

A. Integer overflow attacks target numerical variables, while buffer overflow attacks target string variables.

B. Integer overflow attacks involve exceeding the capacity of numerical variables, leading to unintended results.

C. Buffer overflow attacks exploit the speed of data writing in memory, while integer overflow attacks exploit data validation processes.

D. Integer overflow attacks involve manipulating cookies, while buffer overflow attacks involve hijacking URLs.

A. It's a bug that occurs when a software update contains malicious code.

B. It's a bug that arises from the race between different processes to write to shared memory.

C. It's a bug that causes buffer overflows in software applications.

D. It's a bug that occurs when an attacker exploits vulnerabilities in the update process.

It's a deceptive software update that may contain malware or unwanted functionalities.

It's an update designed to enhance the security of software applications.

It's an update that fixes bugs and improves the performance of software.

It's an update distributed through compromised update servers to improve system stability.