How does a stack overflow work?
Anoniem
When user-supplied data is read into a buffer that resides on the stack without properly ensuring that the space allocated for the data is not less than the size of the actual data, there is an overflow and some of that data ends up overwriting other values on the stack. This condition can be exploited, because the saved return address -- the address of the instruction that follows the invocation of the current function -- is stored on the stack and is used to return into the calling function. If this value is overwritten with a memory address that contains malicious code, then the attacker is able to have the program execute whatever code he wants. And therein lies the security problem.
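The mechanism the answer describes, as an added illustration (not code from the answer above): a stack frame is modelled as a plain byte array in which a 16-byte local buffer is immediately followed by an 8-byte "saved return address" slot. The layout is an assumption made for clarity; real frames also contain saved registers, canaries and padding. Modelling the frame as an array instead of using a real local buffer keeps the program deterministic and free of undefined behaviour while still showing that an unchecked copy clobbers the slot next to the buffer, and that a length check before the copy prevents it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame (assumption for illustration):
 *   bytes 0..15  : a local char buffer
 *   bytes 16..23 : the saved return address of the enclosing function */
#define BUF_SIZE 16
#define FRAME_SIZE (BUF_SIZE + sizeof(uint64_t))
#define SENTINEL_RET 0x1111111111111111ULL /* placeholder "return address" */

static unsigned char frame[FRAME_SIZE];

/* Reset the model frame: empty buffer, sentinel in the return-address slot. */
static void reset_frame(void) {
    uint64_t ret = SENTINEL_RET;
    memset(frame, 0, FRAME_SIZE);
    memcpy(frame + BUF_SIZE, &ret, sizeof ret);
}

/* Read back whatever currently sits in the saved-return-address slot. */
uint64_t read_saved_ret(void) {
    uint64_t v;
    memcpy(&v, frame + BUF_SIZE, sizeof v);
    return v;
}

/* Vulnerable pattern (strcpy-style): copy the whole input into the buffer
 * without checking that it fits. Returns the saved-return slot afterwards so
 * the caller can see whether it survived. */
uint64_t unchecked_copy(const char *input) {
    reset_frame();
    size_t n = strlen(input) + 1;          /* bytes the copy would write */
    if (n > FRAME_SIZE) n = FRAME_SIZE;    /* only to stay inside the model */
    memcpy(frame, input, n);               /* may run past BUF_SIZE */
    return read_saved_ret();
}

/* Hardened pattern: reject input that does not fit, including the
 * terminating NUL. Returns 0 when copied, -1 when rejected. */
int checked_copy(const char *input) {
    reset_frame();
    size_t len = strlen(input);
    if (len >= BUF_SIZE)
        return -1;                         /* would overflow: refuse */
    memcpy(frame, input, len + 1);
    return 0;
}

int main(void) {
    /* Constructed inputs: one that fits, one that is 8 bytes too long. */
    const char *fits = "hello";
    const char *too_long = "AAAAAAAAAAAAAAAABBBBBBBB"; /* 16 'A' + 8 'B' */

    printf("unchecked, fits    : ret=%016llx\n",
           (unsigned long long)unchecked_copy(fits));
    printf("unchecked, too long: ret=%016llx (overwritten with 'B' bytes)\n",
           (unsigned long long)unchecked_copy(too_long));
    printf("checked,   too long: rc=%d ret=%016llx (slot intact)\n",
           checked_copy(too_long), (unsigned long long)read_saved_ret());
    return 0;
}
```

The only difference between the two copy routines is the `len >= BUF_SIZE` test; without it, the eight bytes beyond the buffer land exactly where the model keeps its return address, which is the overwrite the answer is talking about. In a real program the same check is what separates `strcpy`/`gets`-style code from a bounded copy such as `snprintf` or an explicit length comparison.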