Issue No. 04 - July-Aug. (2012 vol. 10)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2012.105
Chris Valasek , Coverity
Attackers can gain unauthenticated remote control of the program counter through CVE-2010-3972, a vulnerability in Microsoft's Internet Information Services FTP 7.5. This example of primitive chaining shows that attackers can combine information about the operating system, application, and vulnerability to create a viable exploit.
computer security, exploitation primitives, primitive chaining, Microsoft IIS FTP 7.5
C. Valasek, "Primitive-Chaining Exploits: A Real-World Example," in IEEE Security & Privacy, vol. 10, no. , pp. 82-84, 2012.