Printable View
ok, for one of our classes we have to list one of the buffer overrun vulnerabilities, "how it happens" and what the fix would do for the latest version of IE. i've looked in the IE fixes and all they say are "fixes buffer overrun vuln for IE" but doesn't go into detail about how.
if anyone who happens to know would help, that would be wonderful.
-=[t]P=-
I am afraid that at that level my eyes tend to glaze over :)
You might look at the EEYE, BUGTRAQ, CERT and CIAC sites though? There are frequently links to more detailed explanations there
;)
If you want to learn how buffer overflows actually work, I would recommend reading Smashing The Stack For Fun And Profit. It is the authoritative paper on the subject.
But your teacher may only be looking for a description of which buffer/variable is overflowed and specifically how it is made to overflow, and not all the nitty gritty technical details about what happens after the fact. As nihil said, the bugtraq, cert, cve, and such sites are excellent places to find the internals of a vulnerability.