echo: linuxhelp
to: Geo.
from: Tony Williams
date: 2002-11-30 14:56:02
subject: Re: Most Unsecure OS? Yep, It`s Linux

From: Tony Williams 

We don't seem to be communicating too well, I'll admit. Try this. Given a
known vulnerability in an app it's easy to get a stack trace of where the
program is when the exploit happens. From this you can find out which, if
any, public API function is being exploited. If the exploit doesn't involve
a public API then it's specific to that app.

--
Tony

Geo. wrote:
> What public API function? Does that tell you that it's a specific function
> in a C++ library and make it easy to search all the source code for windows
> to see what other modules use that same library function? I think you are
> missing my whole point here.
>
> Geo.
>
> "Tony Williams"  wrote in message
> news:3de8fe76{at}w3.nls.net...
>
>>Geo. wrote:
>>
>>>"Tony Williams"  wrote in message
>>>news:3DE7AA13.9070708{at}blarg.net...
>>>
>>>
>>>
>>>>>And how would you know what function to search for?
>>>>
>>>>The one with the known vulnerability - printf() in your example.
>>>
>>>
>>>Great, so what function was it in this latest patch for the ocx control with
>>>MS? Oh, you don't have the source so you don't know? How about any of the MS
>>>patches, do you know what functions to search for?
>>>
>>
>>It wouldn't be too hard to find out from the documentation if it was a
>>public API function. All it takes is a stack trace on a program
>>exhibiting the vulnerability.
>>
>>If it wasn't one of the API functions then nobody will be using it
>>except through another documented API function so the vulnerability can
>>be exploited via that call.
>>
>>--
>>Tony
>>
>
>
>

--- BBBS/NT v4.01 Flag-4
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/1.45)

SOURCE: echomail via fidonet.ozzmosis.com
