Linked by Thom Holwerda on Mon 18th Jan 2010 22:00 UTC
Internet Explorer Ah, the security vulnerability that was used in the Google attack. It's been around the internet about a million times now, and even governments have started advising people to move away from Internet Explorer. As is usually the case, however, the internet has really blown the vulnerability out of proportion. I'll get right to it: if your machine and/or network has been compromised via this vulnerability, then you most likely had it coming. No sympathy for you.
Permalink for comment 404856
To read all comments associated with this story, please click here.
Re: Null Reference
by OSGuy on Tue 19th Jan 2010 07:58 UTC
OSGuy
Member since:
2006-01-01

the reference to a random location of freed memory could result in execution of the attacker's code.

How can this possibly work? Seriously, if a reference to a deleted object does magic such as this, that is really bad as the object has been deleted, the memory is free and anything can now be stored in the same location once it's been freed. Perhaps if the address stored in the pointer is not cleared, in other words the pointer is not set to NULL, the memory location referenced by the pointer gets filled with something else - the malicious code from outside. May be they have forgotten to NULL the pointer!

Again, I am just trying to make logic out of this! ;)

Edited 2010-01-19 08:01 UTC

Reply Score: 2