Firm finds new danger in dangling pointers

Firm finds new danger in dangling pointers
Robert Lemos, SecurityFocus 2007-07-25

In December 2005, technology consultant Inge Henriksen announced he had found a flaw in Microsoft's flagship Web server platform, Internet Information Server (IIS) 5.1. Yet, because the vulnerability appeared impossible to exploit, Microsoft put off patching the issue.

Firm finds new danger in dangling pointers 2007-07-26
Anonymous

This magical (not new) technique of exploiting dangling pointers has been around for many years. Find a memory leak or utilize designed pseudo memory leak functionality of the application and then trigger the bug. Many exploits have taken advantage of this technique to aid exploitation of more "trad...

[ more ]