Info: “Exploiting Java Memory Corruption Vulnerabilities” All creditz to httX://www.accuvant.com
The Oracle/Sun Java Runtime Environment (JRE) is widely viewed by security researchers as one of the weakest links in the proverbial chain. That said, the exploitation of memory corruption vulnerabilities within the JRE is not always straight-forward. Joshua J. Drake, Accuvant LABS senior research consultant and Metasploit expert, spoke at DerbyCon 2011 about a collection of techniques to overcome the potential issues that one may face while developing exploits against memory corruption vulnerabilities within the JRE. His research includes a demonstration of the techniques as used on a selection of contrived and real-world vulnerabilities as well as a tools download.