Fuzzing is when you send intentionally malformed, excessive, or random data to an application in an attempt to make it misbehave, crash, or reveal sensitive information. You can identify buffer overflow vulnerabilities, which can result in remote code execution. If you cause an application to crash or stop responding after you send it data of a certain size, it may be due to a buffer overflow.
Sometimes, you will just cause a denial of service by causing a service to use too much memory or tie up all the processing power. Regular expressions are notoriously slow and can be abused in the URL routing mechanisms of web applications to consume all the CPU with few requests.
Nonrandom, but malformed, data can be just as dangerous, if not more so. A properly malformed video file can cause VLC to crash and expose code execution. A properly malformed packet,...