The Community for Technology Leaders
Green Image
Issue No. 04 - July-August (2003 vol. 1)
ISSN: 1540-7993
pp: 77-82
Dave Ahmad , Symantec
<p>Vulnerability research is largely driven by trends, which begin when new classes of vulnerabilities are discovered or innovative techniques for exploiting known classes of vulnerabilities are published. For example, when attackers demonstrate that they can exploit a certain type of programming error to compromise a system's security, the result is the immediate discovery of instances of that error present in software packages. In the last few years, two trends that have emerged are format-string bugs (vulnerabilities that are due to errors in the use of "printf()" functions), and heap-based memory corruption bugs (programming errors that resultin data corruption in the region of memory designated for dynamic memory allocation, or the "heap").Once techniques for exploiting these bugs were published, dozens of vulnerabilities were rapidly discovered, exploited, and fixed.</p>
Dave Ahmad, "The Rising Threat of Vulnerabilities Due to Integer Errors", IEEE Security & Privacy, vol. 1, no. , pp. 77-82, July-August 2003, doi:10.1109/MSECP.2003.1219077
96 ms
(Ver 3.3 (11022016))