On 28 Jul 2003, Eric Jahn wrote:
> some code to exploit this vulnerability. Exactly what about a buffer
> overflow renders a machine so open to hacking? Are buffer overflows not
> a problem in Java because you don't manipulate pointers as in C++ or C?
There are a few different types of attacks classified under "buffer
overflows", but the bottom line is that they allow arbitrary (i.e. evil)
code to be executed on the target machine. The possibilities are
limitless from there, since the bad guy now has total control over your
system.
Java does array bounds checking at runtime to help prevent these attacks
(and the sandbox security model offers additional protections as well,
to guard against malicious applets).
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:59:42 EDT