SEARCH RESULTS
 
Showing 1-3 of 3 records
1
 
Expand article

Responsible-ish Disclosure

2008-05-08 20:50:57 by Chris Eng in Zero in a bit
 
...esi, [ebp+dwLen] ; Our value from packet ... .text:00405C20 push edi .text:00405C21 test esi, esi ; Check value != 0 ... .text:00405C31 push esi ; Alloc with our length .text:00405C32 mov [ebp+var 4], 0 .text:00405C39 call operator new(uint); Big values return NULL .text:00405C3E mov ecx, esi ; Memcpy with our length .text:00405C40 mov esi,...
 
Tags: text, esi, 00405c1b mov esi, ecx, 00405c31 push esi, 00405c3e mov ecx, recent dos vulnerability, vulnerability, 00405c21 test esi
 
 
 
 
Expand article

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...esi), destination (edi) or count (ecx Fully automating the classification of these cases is complex and almost always requires an entire execution trace. As such, teams are also provided with guidance to assist them during their analysis when our tool is unable to classify beyond "read and write access violations The "Further Investigation...
 
Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions
 
 
 
 
Expand article

Going green: Security opportunities and risks

2008-06-15 13:57:23 by Editor in Adventures in Security
 
When your organization starts talking about going green, the opportunity to change the way employees handle electronically stored information (ESI) presents itself. These opportunities are often driven by increased risk
 
Tags: organization starts, employees handle, opportunities, change, information, opportunity, esi, risk
 
 
 
 
 
Showing 1-3 of 3 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia