• DocumentCode
    1262348
  • Title

    Primitive-Chaining Exploits: A Real-World Example

  • Author

    Valasek, Chris

  • Author_Institution
    Coverity
  • Volume
    10
  • Issue
    4
  • fYear
    2012
  • Firstpage
    82
  • Lastpage
    84
  • Abstract
    Attackers can gain unauthenticated remote control of the program counter through CVE-2010-3972, a vulnerability in Microsoft´s Internet Information Services FTP 7.5. This example of primitive chaining shows that attackers can combine information about the operating system, application, and vulnerability to create a viable exploit.
  • Keywords
    Microsoft IIS FTP 7.5; computer security; exploitation primitives; primitive chaining;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2012.105
  • Filename
    6265106
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1262348