Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Get 20% off all career paths from fullstack to AI
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore Java memory corruption vulnerabilities in this 43-minute conference talk by Joshua Drake (jduck). Gain insights into exploiting Java applets, security background, and technical hurdles. Learn about setup, arbitrary call exploitation, format string vulnerabilities, and a practical lab on CVE-2009-3867. Conclude with recommendations for addressing these security concerns in Java applications.
Syllabus
Intro
Overview
Motivation
Background - Applets
Background - Security
Background - Technical
Hurdles - 1
Hurdles - Watchdog
Hurdles - Encoding
Exploiting: Setup
Exploiting: Arbitrary Call
Exploiting: Format String
LABS Exploiting: CVE-2009-3867
Conclusions
Recommendations