Arbitrary code execution

Even though this particular weakness may not cause actual problems in the real world, researchers have discussed whether it suggests a natural tendency for computers to have vulnerabilities that allow unauthorized code execution.

For example: Arbitrary code execution is commonly achieved through control over the instruction pointer (such as a jump or a branch) of a running process.

To work around this, once an attacker can execute arbitrary code on a target, there is often an attempt at a privilege escalation exploit in order to gain additional control.

With or without this enhanced control, exploits have the potential to do severe damage or turn the computer into a zombie—but privilege escalation helps with hiding the attack from the legitimate administrator of the system.

At Awesome Games Done Quick 2014, a group of speedrunning enthusiasts managed to code and run versions of the games Pong , Snake and Super Mario Bros in a copy of Super Mario World[12] by utilizing an out-of-bounds read of a function pointer that points to a user controlled buffer to execute arbitrary code.