Exploiting heap overflows on XP SP2
nicolas.falliere_at_gmail.com
Date: 08/18/05
Date: 18 Aug 2005 08:18:33 -0000
To: focus-ms@securityfocus.com

Hi,
I describe a new way to exploit heap-based buffer overflows in the following paper:
http://www.packetstormsecurity.com/papers/bypass/bypassing-win-heap-protections.pdf
Basically, one can use critical section related linking structures stored on the process’s default heap to produce an n*4-byte overwrite. Gaining control is another problem; only memory overwrite is discussed in the paper.
NF