The paper “Application-Specific Attacks: Leveraging the ActionScript Virtual Machine” written by Mark Dowd in which he describes various techniques that promise to open up a class of exploits and vulnerability research previously thought to be prohibitively difficult. While the Flash vulnerability described in the paper [pdf] has been patched by Adobe, the presentation of a reliable exploit for NULL pointer dereferencing has the researchers who have read the paper fascinated. Thomas Ptacek has an explanation of Dowd’s work, and Nathan McFeters at ZDNet is ‘stunned by the technical details‘
Popularity: 61%
Tags: exploit, flex, null, pointer
This post was written by Virgil Cristea
Views: 1078


















