Software vulnerabilities are unfortunately an ever-present risk, which is why secure coding is essential. For that reason, it’s important that you ensure that your code is secure and protected.
A buffer overflow occurs when a program or process tries to store more data in a temporary data storage area (a buffer) than it was designed to contain. The result is that the extra information “overflows” into adjacent buffers, which can corrupt or overwrite the valid data held in those locations
Code injection, also called Remote Code Execution (RCE), occurs when an attacker exploits an input validation flaw in software to introduce and execute malicious code. Code is injected in the language of the targeted application and executed by the server-side interpreter.
Any application that directly uses unvalidated input is vulnerable to code injection, and web applications are a prime target for attackers. This article shows how code injection vulnerabilities arise and how you can protect your web applications from injection.