Bypassing Browser Memory Protections
Setting back browser security by 10 years
Over the past several years, Microsoft has implemented a number of memory protection mechanisms with the goal of preventing the reliable exploitation of common software vulnerabilities on the Windows platform. Protection mechanisms such as GS, SafeSEH, DEP and ASLR complicate the exploitation of many memory corruption vulnerabilities and at first sight present an insurmountable obstacle for exploit developers.
In this paper we will discuss the limitations of all aforementioned protection mechanisms and will describe the cases in which they fail. We aim to show that the protection mechanisms in Windows Vista are particularly ineffective for preventing the exploitation of memory corruption vulnerabilities in browsers. This will be demonstrated with a variety of exploitation techniques that can be used to bypass the protections and achieve reliable remote code execution in many different circumstances.
andry- Moderator
- Posts : 467
Join date : 2010-05-07