[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NYT on Netscape Crack
> >
> > Sigh. For your information the security code for 1.x versions of
> > netscape was not even written by someone from NCSA.
>
> If there is ANY place in the code that I can do a data driven buffer
> overflow, I can force you to execute code that I supply. I don't give
> a damn if it's in the "security" code. It makes no difference where it
> is. If there is a chink, thats it -- you're meat.
How would you do this if the buffer overflow happened in a buffer
which was allocated in a separate protected heap apart from stack
and executable data?
-Ray