|
Full Disclosure
mailing list archives
Re: Microsoft Office Excel 2010 memory corruption
From: Yuhong Bao <yuhongbao_386 () hotmail com>
Date: Sun, 28 Oct 2012 20:31:19 -0700
Of course, if you can control the crash address so it is >=0x1000, then it could be exploitable, but until then it is
not.
Date: Mon, 29 Oct 2012 06:53:52 +0330
Subject: Re: [Full-disclosure] Microsoft Office Excel 2010 memory corruption
From: kavehghaemmaghami () googlemail com
To: yuhongbao_386 () hotmail com
Yuhong thank you so much fore sharing
is OK if i ask some question ? if its ok you can answer me
what is the fast way to find out crash cause like use-after-free
double free and heap corruption ?
i mean to figure out if there is heap corruption like use-after free
double free etc ....
this crash analayzer scares me
look at the crash was null pointer and how the hell other guy analyze
it and found out its exploitable
http://securityevaluators.com/files/papers/CrashAnalysis.pdf
Best Regards
On Mon, Oct 29, 2012 at 6:30 AM, Yuhong Bao <yuhongbao_386 () hotmail com> wrote:
How can i make sure a crash is not exploitable?
Look at the crash address (null dereference will be < 0x1000) and type of
exception.
Also type G in WinDbg to see if it is handled.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao (Oct 29)
(Thread continues...)
| 
