A buffer overflow, or buffer overrun, occurs when a program or processattempts to store data beyond the boundaries of a fixed-length buffer (which is a temporary data storage area).
Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
The result is that the extra data overwrites adjacent memory locations. The overwritten data may include other buffers, variables and program flow data, and may result in erratic program behavior, a memory access exception, program termination (a crash), incorrect results or a possible breach of system security.
Read Wikipedia’s entry on buffer overflow here.
For a detailed analysis of how such a vulnerability is attacked read this detailed article by Maciej Ogorkiewicz & Piotr Frej at WindowSecurity.com.