Heap-spraying is an interesting type of attack in which the attacker allocates thousands of malicious objects on the heap in order to exploit a vulnerability in the application (Adobe Reader, Safari, Mozilla Firefox, Internet Explorer). In the presence of a memory corruption or buffer overflow vulnerability, a heap-spraying attack has been shown to be very effective (even with ASLR enabled!).
I wrote a paper on mitigating heap-spraying attacks, now published at SpringerLink. If you find it boring, there are some slides here.
We implemented a prototype in SpiderMonkey, the JavaScript engine of Firefox, but the concept could be applied to any other application that supports a scripting language an attacker can use to spray the victim's memory.
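To make the engine-level idea concrete, here is an added sketch of one defensive heuristic a scripting engine could apply at the allocation hook: count large, highly repetitive string allocations and flag the script once they pile up. This is illustrative code written for this post, not the paper's prototype and not SpiderMonkey code; the class, the thresholds and both sample workloads are assumptions constructed here.

```javascript
// Added example: a simplified allocation monitor illustrating one defensive
// heuristic against heap spraying. It is NOT the paper's prototype and NOT
// SpiderMonkey code; names, thresholds and workloads are assumptions.

// Fraction of a string covered by its single most frequent fixed-size block.
// A sled-like buffer (the same filler repeated thousands of times) scores
// close to 1.0; ordinary text or serialized records score close to 0.
function repetitiveness(str, block = 16) {
  const counts = new Map();
  let blocks = 0;
  for (let i = 0; i + block <= str.length; i += block) {
    const key = str.slice(i, i + block);
    counts.set(key, (counts.get(key) || 0) + 1);
    blocks++;
  }
  if (blocks === 0) return 0;
  let best = 0;
  for (const c of counts.values()) if (c > best) best = c;
  return best / blocks;
}

// Tracks large, highly repetitive string allocations made by a script and
// raises a flag once their number or total volume crosses a threshold.
class SprayMonitor {
  constructor({ minSize = 1024, minRepetition = 0.9, maxCount = 50, maxBytes = 1 << 20 } = {}) {
    this.minSize = minSize;             // ignore small strings entirely
    this.minRepetition = minRepetition; // how sled-like a string must be
    this.maxCount = maxCount;           // suspicious allocations before flagging
    this.maxBytes = maxBytes;           // or cumulative bytes before flagging
    this.count = 0;
    this.bytes = 0;
  }

  // Hook point: called for each new string. Returns true once the cumulative
  // pattern looks like a spray (many large, near-identical buffers).
  onAllocate(str) {
    if (str.length < this.minSize) return false;
    if (repetitiveness(str) < this.minRepetition) return false;
    this.count += 1;
    this.bytes += str.length;
    return this.count >= this.maxCount || this.bytes >= this.maxBytes;
  }
}

// Feeds a sequence of allocations through a monitor; returns the index of the
// first allocation at which the monitor fired, or -1 if it never did.
function scan(allocations, monitor = new SprayMonitor()) {
  for (let i = 0; i < allocations.length; i++) {
    if (monitor.onAllocate(allocations[i])) return i;
  }
  return -1;
}

// Constructed spray-like workload: the same 4 KiB filler buffer allocated n
// times. Plain 'A's stand in for sled filler; no real payload is involved.
function sprayLikeWorkload(n = 200) {
  const filler = 'A'.repeat(4096);
  return Array.from({ length: n }, () => filler);
}

// Constructed benign workload: n large but non-repetitive strings, like the
// records a normal page might build (deterministic, no randomness).
function benignWorkload(n = 200) {
  return Array.from({ length: n }, (_, i) => {
    const tokens = [];
    for (let j = 0; j < 300; j++) tokens.push((1000000 + i * 1000 + j).toString(36));
    return tokens.join(' '); // ~1.5 KB, every 16-char block distinct
  });
}

console.log('spray-like workload flagged at allocation', scan(sprayLikeWorkload()));
console.log('benign workload flagged at allocation', scan(benignWorkload()));
```

With the default thresholds the spray-like workload trips the monitor at its 50th identical buffer, while the benign workload never does. The check is deliberately cheap (one pass over each large string at allocation time) because it would sit on a hot path in a real engine; the thresholds are the tunable part, since legitimate code such as canvas or buffer pre-allocation can also produce a few large repetitive strings, which is why the heuristic counts cumulative volume rather than reacting to a single allocation.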
Adobe & Co. guys, please consider this PoC I wrote on a boring and rainy Saturday morning, and fix your things!
Happy Easter!
