Dear Jerome Athias, I said NULL pointer is not exploitable _by itself_. Ability to control unhandled exception filter is different vulnerability. NULL pointer in this case is not exploitation vector, it's only used to initiate attack. --Thursday, November 2, 2006, 10:01:19 PM, you wrote to 3APA3A@xxxxxxxxxxxxxxxx: JA> 3APA3A a écrit : >> Dear xxxx@xxxxxxxxx, >> >> NULL pointer dereference is not exploitable to code execution by itself. >> >> JA> Hi, JA> you should be interested by this JA> http://metasploit.blogspot.com/2006/08/putting-fun-in-browser-fun.html JA> + a little tool JA> https://www.securinfos.info/outils-securite-hacking/uSEH.rar JA> /JA -- ~/ZARAZA Íåïðèÿòíîñòè íà÷íóòñÿ â âîñåìü. (Òâåí)
