Vulnerability Development: Developing exploit for a tricky vulnerability

Developing exploit for a tricky vulnerability

From: John Paterson <john9434_at_gmail.com>
Date: Fri, 29 Jun 2007 13:31:36 +0200

Here is the scenario:
There is a buffer located on the heap beginning at address A. I can
overwrite any dword-aligned memory location between A and A+S, where S
is the size of the exploit file divided by 2. This is the tricky part -
the value written must be in the range from 0 to FFFF. This is not a
typical heap overflow - in order to overwrite location X I don't need
to overwrite all locations between A and X, I can overwrite just X.
Multiple locations can be overwritten with different values.
Target platform is Windows XP.
Any ideas how to exploit this?
Received on Jun 29 2007
