Because of the popularization of the Internet, the buffer overflow attack has become one of the favorite attacks of hackers and the most concern in the information security field. Steganography can hide the secret information in digital images, audios or videos to avoid the detection of the human sensory system. Therefore, it is reported that there has been malicious buffer overflow code embedded in the digital images to avoid the detection of anti-virus systems. This paper is to study and realize an information hiding-based buffer overflow attack. First, the malicious code which can result in a buffer overflow attack is embedded in a cover image. A simulative image processing program is then used to extract the embedded malicious code and perform the buffer overflow attack. Experimental results show that the proposed information hiding-based buffer overflow attack can effectively avoid both the detection of human visual system and various antivirus systems. Moreover, the proposed attack can also effectively launch a certain buffer overflow attack. The achievement of this study can be referred when developing prevention methods of such an attack.