摘要
探讨了一种新型的漏洞利用方式,这种利用方式充分利用了Windows系统中固有的堆管理机制,使得原本被认为不可利用的一种程序异常变成一种危险的可利用漏洞。从漏洞关键代码出发,分步骤分层次地分析了这种漏洞利用方式的利用过程和原理;结合具体漏洞利用分析整个流程及其危害;最后针对该种利用方式系统分析了其防护的机制和手段。
Based on the technology of Windows Heap Managing, a new vulnerability exploiting method made a programme exception become an exploitable vulnerability. This paper began with analyzing the programme exception, systemly disscussed the whole exploiting processs and the reasons. Then according to the specific IE vulnerability, the exploiting method and its danger were analyzed. At last, some defences of the vulnerability were dicussed.
出处
《计算机应用》
CSCD
北大核心
2008年第5期1152-1155,共4页
journal of Computer Applications
基金
国家863计划项目(2006AA01Z431)
