BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
csrss.exe double-free vulnerability - arbitrary DWORD overwrite exploit Dec 30 2006 12:40AM
Reversemode (advisories reversemode com)

Hi,

For those researchers who are interested in the Csrss Double-Free
vulnerability, I have coded an arbitrary DWORD overwrite exploit. This
flaw is hard to exploit (at least for me) due to the the "fail-and-die"
situation. Corrupting the heap in a process like Csrss is dangerous.
However, by defi...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus