Jonathan Ness from the Microsoft Security Response Center says this
IE9 POC is stack exhaustion, not a stack-based buffer overflow and
Stack exhaustion is typically not exploitable for code execution.
2012/12/19 <pereira (at) secbiz (dot) de [email concealed]>:
> ---------------------------------------------------------------...
IE9 POC is stack exhaustion, not a stack-based buffer overflow and
Stack exhaustion is typically not exploitable for code execution.
2012/12/19 <pereira (at) secbiz (dot) de [email concealed]>:
> ---------------------------------------------------------------...
[ more ]