An application server runs slowly and then triggers a high CPU alert. After investigating, a security analyst finds an unauthorized program is running on the server. The analyst reviews the application log below. 

Which of the following conclusions is supported by the application log? 

Answer options:

A. An attacker was attempting to perform a DoS attack against the server
B. An attacker was attempting to download files via a remote command execution vulnerability
C. An attacker was attempting to perform a buffer overflow attack to execute a payload in memory
D. An attacker was attempting to perform an XSS attack via a vulnerable third-party library

C