What characterizes return-oriented attacks?

Prepare for the DSST Cybersecurity Fundamentals Exam. Study with thorough preparatory material, multiple choice questions, and detailed explanations to ace your exam effortlessly!

Return-oriented attacks are a sophisticated type of exploitation technique that involves redirecting the flow of execution to snippets of code, known as "gadgets," that are already present in the application’s memory. This is achieved by manipulating the call stack rather than exploiting software vulnerabilities directly.

In a return-oriented attack, the attacker crafts a specific sequence of return addresses to utilize existing code that performs useful functions without needing to inject new code. This makes the attack stealthier since it relies on legitimate instructions already present in the system, circumventing standard security mechanisms that may check for the presence of malicious code.

This method highlights an important aspect of modern exploitation techniques: traditional defenses that focus solely on detecting injected code can be bypassed because the attack uses existing code, which makes return-oriented programming a prevalent method in various cyber attacks.

The other options, while related to different types of vulnerabilities or cyber threats, do not accurately define return-oriented attacks, which uniquely leverage the existing instruction sets in applications through stack manipulation.
