|
|
|
|
|
|
by yuhong
4742 days ago
|
|
|
On that matter, it is not difficult for someone who knows how to use WinDbg or similar to see if a crash is exploitable. For example, in user mode, null pointer accesses are generally not exploitable. I personally was able to get an IE6/IE7 bug described in http://www.satzansatz.de/cssd/pseudocss.html#fltadjacent fixed in the May 2013 security update by proving there is an exploitable crash. |
|
|