As is usual on this subreddit, I see answers with great analogies, and not very good explanations, so I’ll try to give you a very normal one.
This is an example of an attack called a buffer overflow.
Let’s say you have a form on a website that lets users enter their username. Since usernames are only limited to, say, 20 characters, you allocate 20 blocks of memory in your code to load the username (it’s okay if they aren’t all filled up).
Now, suppose a malicious user comes along and enters a name that is 100 characters long.
If you did everything correctly, this wouldn’t work and he would be blocked. But, every now and then, a developer fucks up (increasingly, vanishingly rare these days, but still). Now, your code loads the entire 100 characters into those 20 blocks of memory you had allocated. But what happens to the extra 80 characters? Well, they OVERWRITE the blocks of memory that appeared after the block of memory that contained the name.
This overwritten block might contain code that is to be executed in the future, so, by overwriting it, the hacker is able to execute code of their choice on your computer. It could be to spit out passwords, bank account details, to crash the program, transfer money around, block your access, or any number of things.
This is just one example, but it should help you get the gist!
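A worked C illustration of the scenario in the answer above (added example, not code from the original post; the `struct account` layout, the function names and the attacker payload are all constructed for the demo). The 20-byte name buffer sits directly in front of an `is_admin` flag, so the bytes that don't fit in the name spill onto the flag, exactly the "overwrite the blocks that come after" effect described. The checked version shows what "doing everything correctly" looks like: measure the input, refuse it if it doesn't fit.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 20   /* the "20 blocks of memory" from the answer */

/*
 * Simulated memory layout: the 20-byte name buffer is immediately followed
 * by a 4-byte is_admin flag, both inside one struct so the overrun lands on
 * a known neighbour. (A real overflow on the stack or heap is undefined
 * behaviour and clobbers whatever the compiler or allocator put next:
 * a saved return address, a heap header, another object.)
 */
struct account {
    char     name[NAME_LEN];
    uint32_t is_admin;       /* offset 20, right after the name */
};

/* The "developer forgot the check" version: copies every input byte into
 * the record starting at the name buffer, however long the input is.
 * Hypothetical buggy code; the demo only feeds it sizeof(struct account)
 * bytes, since going past the struct would be undefined behaviour too. */
void set_name_unchecked(struct account *acct, const char *input)
{
    memcpy(acct, input, strlen(input));
}

/* The fixed version: refuse anything that does not fit, leaving one byte
 * for the terminating NUL. Returns 0 on success, -1 if the name is rejected. */
int set_name_checked(struct account *acct, const char *input)
{
    size_t len = strlen(input);
    if (len >= NAME_LEN)
        return -1;                   /* blocked, as the answer describes */
    memcpy(acct->name, input, len + 1);
    return 0;
}

/* Constructed attacker input: 20 filler bytes fill the name exactly, then
 * four 0x01 bytes spill over onto is_admin. 0x01 is used instead of a
 * proper encoding of 1 because a 0x00 byte would end the C string early. */
static void build_payload(char *out, size_t outsz)
{
    memset(out, 0, outsz);
    memset(out, 'A', NAME_LEN);
    memset(out + NAME_LEN, 0x01, sizeof(uint32_t));
}

/* is_admin left behind when the buggy copy handles the payload. */
uint32_t admin_flag_after_unchecked(void)
{
    struct account acct = { {0}, 0 };
    char payload[NAME_LEN + sizeof(uint32_t) + 1];
    build_payload(payload, sizeof payload);
    set_name_unchecked(&acct, payload);
    return acct.is_admin;            /* 0x01010101: the user is now "admin" */
}

/* is_admin after the checked copy handles the same payload. */
uint32_t admin_flag_after_checked(void)
{
    struct account acct = { {0}, 0 };
    char payload[NAME_LEN + sizeof(uint32_t) + 1];
    build_payload(payload, sizeof payload);
    (void)set_name_checked(&acct, payload);
    return acct.is_admin;            /* still 0: the input was rejected */
}

/* The checked setter's verdict on the payload (-1 = rejected). */
int checked_verdict(void)
{
    struct account acct = { {0}, 0 };
    char payload[NAME_LEN + sizeof(uint32_t) + 1];
    build_payload(payload, sizeof payload);
    return set_name_checked(&acct, payload);
}

int main(void)
{
    printf("is_admin after unchecked copy: 0x%08x\n",
           (unsigned)admin_flag_after_unchecked());
    printf("is_admin after checked copy:   0x%08x (verdict %d)\n",
           (unsigned)admin_flag_after_checked(), checked_verdict());
    return 0;
}
```

Build with `cc demo.c -o demo && ./demo`. The struct keeps the overrun inside one known object so the result is deterministic; in real code the neighbour is whatever happens to follow the buffer, which is why the same bug can crash a program one day and hand an attacker control the next. Compiling a real out-of-bounds write with `-fsanitize=address` is the quickest way to see such an overrun reported instead of silently corrupting memory.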