C programs are especially susceptible to buffer overflow attacks.
Buffer overflows occur when a program puts more data into a buffer than it can hold.
A heap is a memory space that is dynamically allocated. Heap-based buffer overflows are different from stack-based buffer overflows in that the stack-based buffer overflow depends on overflowing a fixed length buffer.
A range of software products can be used to defend against buffer overflows, including Return Address Defender (RAD), StackGuard, and Immunix.