Posted by Berend-Jan Wever on Nov 18

L.S.

Over the past decade, heap sprays have become almost synonymous with
exploits in web-browsers. After having developed my first practical
implementation of a heap spray about ten years ago, I found that the
amount of memory needed in some cases was too much for a realistic
attack scenario. I needed a new kind of heap spray that did not allocate
as much RAM as traditional heap sprays do. So, I developed a heap spray
that uses significantly…