RE: What are some low level vulns? 07-18-2014, 10:45 PM
#7
Integer overflow - Integer overflow is the result of trying to place into computer memory an integer hat is too large for the integer data type in a given system. I think there was such vulnerability in Adobe Flash before a few mouths(or years not sure).
You may like this page http://phrack.org/issues/60/10.html#article
But in my opinion the most recent vulnerability is wrong programming logic.
For example let's say that you have to check if a number is >= 0 and < 1000000 in C++ you will implement it like this:
But a lot of programmers make this mistake:
Now the user can provide 0 as value, and the program may go wrong.
You may like this page http://phrack.org/issues/60/10.html#article
But in my opinion the most recent vulnerability is wrong programming logic.
For example let's say that you have to check if a number is >= 0 and < 1000000 in C++ you will implement it like this:
Code:
if(number <= 0 || number > 1000000){
Do something
}Code:
if(number < 0 || number > 1000000){
Do something
}Now the user can provide 0 as value, and the program may go wrong.
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)