Free CompTIA CySA+ CS0-003 Practice Question

During a code audit of a legacy application, a security analyst encounters a function that allocates an array of integers to store results from user-supplied input. The size of the array is predetermined by a constant value, and the function fails to check whether the number of inputs exceeds this size before processing. As a consequence, excess data could overwrite other memory locations. Which specific type of vulnerability is most likely being introduced in this application?

  • Heap Overflow

  • Integer Overflow

  • Stack Overflow

  • Buffer Overflow

This question's topic: CompTIA CySA+ CS0-003 / Vulnerability Management