[Osiris]

New Hack Technique Exploits Common Programming Error

Researchers say they have discovered a reliable method of exploiting a common programming error which has long been considered a quality issue, no a security issue.

Jonathan Afek and Adi Sharabani of Watchfire stumbled upon the method for remotely exploiting dangling pointers by chance while they were running the company's AppScan software against a Web server. The server crashed in the middle of the scan and after some investigation, the pair found that a dangling pointer had been the culprit.