Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ISSTA
2010
ACM
2010
ACM
Automatic detection of unsafe component loadings
Dynamic loading of software components (e.g., libraries or modules) is a widely used mechanism for improved system modularity and flexibility. Correct component resolution is critical for reliable and secure software execution, however, programming mistakes may lead to unintended or even malicious components to be resolved and loaded. In particular, dynamic loading can be hijacked by placing an arbitrary file with the specified name in a directory searched before resolving the target component. Although this issue has been known for quite some time, it was not considered serious because exploiting it requires access to the local file system on the vulnerable host. Recently such vulnerabilities started to receive considerable attention as their remote exploitation became realistic; it is now important to detect and fix these vulnerabilities. In this paper, we present the first automated technique to detect vulnerable and unsafe dynamic component loadings. Our analysis has two pha...
Real-time Traffic| Added | 15 Aug 2010 |
| Updated | 15 Aug 2010 |
| Type | Conference |
| Year | 2010 |
| Where | ISSTA |
| Authors | Taeho Kwon, Zhendong Su |
Comments (0)
Researcher Info
|
