What type of attack involves sending more data to a variable than it can hold?

A buffer overflow attack occurs when an attacker sends more data to a variable than it is designed to handle. This overflow can cause the excess data to overwrite adjacent memory, potentially leading to unpredictable behavior, crashes, or even the execution of malicious code.

The vulnerability typically arises when the software does not properly check the size of the input data. When an attacker exploits this by sending oversized input, they can manipulate the memory in a way that allows them to take control of the system. This can lead to a variety of harmful outcomes, including unauthorized access to sensitive data or the ability to run arbitrary code.

In contrast, the other types of attacks listed focus on different vulnerabilities. SQL injection targets database queries by injecting malicious SQL code, whereas cross-site scripting (XSS) involves injecting scripts into web pages viewed by other users. Code injection generally refers to a broader category that includes various methods of injecting code into a runtime context, but it doesn't specifically define the overflow scenario.