Revealing the exploitability of heap overflow through PoC analysis

Abstract The exploitable heap layouts are used to determine the exploitability of heap vulnerabilities in general-purpose applications. Prior studies have focused on using fuzzing-based methods to generate more exploitable heap layouts. However, the exploitable heap layout cannot fully demonstrate t...

وصف كامل

التفاصيل البيبلوغرافية
الحاوية / القاعدة:	Cybersecurity
المؤلفون الرئيسيون:	Qintao Shen, Guozhu Meng, Kai Chen
التنسيق:	مقال
اللغة:	الإنجليزية
منشور في:	SpringerOpen 2024-07-01
الموضوعات:	Exploitability evaluation Proof-of-concept Static analysis Taint analysis Heap object recovery
الوصول للمادة أونلاين:	https://doi.org/10.1186/s42400-024-00244-6

مواد مشابهة

Automatic Generation of Code for Heap Spraying Object Manipulation Targeting Kernel Vulnerability Exploitation
حسب: LIU Zhuang, GU Kangzheng, TAN Xin, ZHANG Yuan
منشور في: (2025-04-01)

From proof-of-concept to exploitable
حسب: Yan Wang, وآخرون
منشور في: (2019-03-01)

Detection Method for Heap Overflow fastbin Attack Based on Symbolic Execution
حسب: ZHAO Chao, PAN Zulie, FAN Jing
منشور في: (2020-10-01)

Behavioral Analysis of Backdoor Malware Exploiting Heap Overflow Vulnerabilities Using Data Mining and Machine Learning
حسب: Ali Raza Khaliq, وآخرون
منشور في: (2023-11-01)

Detecting House of Spirit Attacks by Glibc Heap Information Extraction
حسب: ZHAI Jiqiang, وآخرون
منشور في: (2024-02-01)

SAMLDroid: A Static Taint Analysis and Machine Learning Combined High-Accuracy Method for Identifying Android Apps with Location Privacy Leakage Risks
حسب: Guangwu Hu, وآخرون
منشور في: (2021-11-01)

Automatic exploitation generation method of write-what-where vulnerability
حسب: Huafeng HUANG, وآخرون
منشور في: (2022-01-01)

Automatic exploitation generation method of write-what-where vulnerability
حسب: Huafeng HUANG, وآخرون
منشور في: (2022-01-01)

The memory forensic research oriented to segment heap in Windows 10 system
حسب: ZHAI Jiqiang, وآخرون
منشور في: (2021-10-01)

Comparative analysis of two approaches to the static taint analysis
حسب: M. V. Belyaev, وآخرون
منشور في: (2018-10-01)

Accelerating Firmware Vulnerability Discovery Through Precise Localization of IntermediateTaint Sources and Dangerous Functions
حسب: ZHANG Guanghua, CHEN Fang, CHANG Jiyou, HU Boning, WANG He
منشور في: (2025-07-01)

Investigation of Liquid Channeling in Heap by Tracer Test
حسب: Tatsuya SHINKAWA, وآخرون
منشور في: (2017-12-01)

SOME FUNDAMENTAL PROPERTIES OF HEAPS
حسب: Dwi Mifta Mahanani, وآخرون
منشور في: (2023-12-01)

Xades: Static Taint Analysis Framework for C#-Based Multilingual Applications
حسب: O. Sehwan, وآخرون
منشور في: (2025-01-01)

An Enhanced Static Taint Analysis Approach to Detect Input Validation Vulnerability
حسب: Abdalla Wasef Marashdih, وآخرون
منشور في: (2023-02-01)

Heaping at Round Numbers on Financial Questions: The Role of Satisficing
حسب: Michael Gideon, وآخرون
منشور في: (2017-08-01)

Heap Optimization in A* Pathfinding for Horror Games
حسب: Risaldi Angga Buana Putra, وآخرون
منشور في: (2025-03-01)

E-SERS: An Enhanced Approach to Trust-Based Ranking of Apps
حسب: Nahida Chowdhury, وآخرون
منشور في: (2024-07-01)

Environmental Risk Issues at a Coal Waste Spoil Heap—Climate Change Concern
حسب: Paweł Wrona, وآخرون
منشور في: (2025-01-01)

RESEARCH OF LEVEL OF SPONTANEOUS COMBUSTION ON COAL HEAPS GENESIS DANGER
حسب: Vlastimil MONI, وآخرون
منشور في: (2014-07-01)

Quantifying age heaping and age misreporting in a multicentric survey
حسب: D R Basannar, وآخرون
منشور في: (2022-01-01)

Study on migration and adhesion of fine particles in the pores of a heap leaching system
حسب: Wei CHEN, وآخرون
منشور في: (2024-06-01)

Effect of ore particle size on solution capillary seepage in ore heaps
حسب: YIN Sheng-hua, وآخرون
منشور في: (2015-05-01)

Lacunae in Forensic Handwriting Examination: Scope for Exploitation
حسب: V. P. Varshney, وآخرون
منشور في: (2019-01-01)

Wind Power Plants and Selected Technical and Economic Aspects of Their Construction on Mine Heaps
حسب: Krzysztof Kaczmarczyk, وآخرون
منشور في: (2023-09-01)

Theory of Heap Particle Motion in Vibration Cleaning of Potatoes
حسب: Bulgakov Volodymyr, وآخرون
منشور في: (2023-12-01)

An Efficient Heap Based Optimizer Algorithm for Feature Selection
حسب: Mona A. S. Ali, وآخرون
منشور في: (2022-07-01)

Hyperspectral guidance for summer tea processing: Enhancing taste and aroma through short‐term cycled heaping
حسب: Hujing Cao, وآخرون
منشور في: (2024-11-01)

Asynchronous distribution scheme of group quantum keys based on max heap in classical network
حسب: Dexin Zhu, وآخرون
منشور في: (2025-06-01)

Gangues and Clays Minerals as Rate-Limiting Factors in Copper Heap Leaching: A Review
حسب: Norman Toro, وآخرون
منشور في: (2021-09-01)

A Decision Support System for Changes in Operation Modes of the Copper Heap Leaching Process
حسب: Manuel Saldaña, وآخرون
منشور في: (2021-06-01)

The Use of Construction Waste to Remediate a Thermally Active Spoil Heap
حسب: Eva Pertile, وآخرون
منشور في: (2023-06-01)

Utilization of Result of Trial Seeding Experimental Plots in the Course of Rehabilitation of Central Tailing Heap of Ján Šverma Mine in Žacléř
حسب: Vlastimil Hudeček, وآخرون
منشور في: (2012-12-01)

A Taint Analysis Approach for Trace and Vulnerability Validation
حسب: QIN Biao, GUO Fan, YANG Chenxia
منشور في: (2020-05-01)

Use of Ensemble Learning to Detect Buffer Overflow Exploitation
حسب: Ayman Youssef, وآخرون
منشور في: (2023-01-01)

Anthropological investigation in two threshing heap stamp and cultivation and ownership system of landlords in markazi province: Komijan city and Esfandan village
حسب: Ahmad Sohrabinia, وآخرون
منشور في: (2023-09-01)

Mesoscopic seepage velocity characteristics during heap leaching based on magnetic resonance imaging
حسب: YIN Sheng-hua, وآخرون
منشور في: (2015-03-01)

Parameterization of Dust Emissions from Heaps and Excavations Based on Measurement Results and Mathematical Modelling
حسب: Karol Szymankiewicz, وآخرون
منشور في: (2024-07-01)

Pyrolysis of Technogenic-Redeposited Coal-Bearing Rocks of Spoil Heaps
حسب: Nikolay I. Akulov, وآخرون
منشور في: (2020-03-01)

Java Deserialization Vulnerability Detection Method Based on Hybrid Analysis
حسب: Peng ZHENG, Letian SHA
منشور في: (2023-12-01)