quote:
Originally posted by CookieRevised
Such flaws have never been misued to hack someone. They are possible security issues and many of them are even theoretical security issues (they could be used in theory, but never are in practice). 99.99% of them are found before anyone has been able to abuse them, if they even were possible to be used in that manner in practice. This is a very important note to take (especially for paranoids) when it comes down to heap buffer overrun flaws (which are what those security issues were). For more info on such buffer overrun issues see some very technical sites and papers. The important thing to remember is that those are possible in theory, but in practice it seldom works and it would be more "luck" than anything else; though they are considered more dangerous than stack buffer overruns (the later are very common actually in many programs).
I would have thought the reliability of a stack buffer overflow would make them more dangerous? Then again, I've never heard of a heap buffer overflow exploit before.
/ 
![[Image: spartaafk.png]](http://www.rpsoftware.net/img/spartaafk.png)
