Je hebt een klacht over de onderstaande posting:
Slaapt de redactie ? Hallo ? Zlib, ffs! <fair use?> The zlib compression library is reportedly vulnerable to a heap corruption vulnerability. Under some circumstances, a block of dynamically allocated memory may have the 'free()' routine called on it twice. This may occur during decompression. An exploitable condition may result if the 'free()' function is used on memory that has already been freed. Under some circumstances, it is possible for an attacker to manipulate data layout in the heap so that an arbitrary word in memory is overwritten with a custom value when 'free()' is called for the second time. Arbitrary code may be executed if critical values such as function return addresses, GOT entries, etc., are overwritten. By itself, this condition is not a vulnerability. An attacker must identify a program linked to the library or using vulnerable code with higher privileges, or running on a remote machine. The attacker must also locate a method through which the condition may be triggered ...
Beschrijf je klacht (Optioneel):