12. File Format Fuzzing: Automation on UNIX
“I’m the commander—see, I don’t need to explain—I do not need to explain why I say things. That’s the interesting thing about being president.”
—George W. Bush, as quoted in Bob Woodward’s Bush at War
File format vulnerabilities can be exploited both client-side, as is the case with Web browsers and office suites, as well as server-side, as is the case with e-mail scanning antivirus gateways, for example. With regards to client-side exploitation, widespread usage of the affected client is directly related to the severity of the issue. An HTML parsing vulnerability affecting Microsoft Internet Explorer, for example, is among the most coveted file format vulnerabilities as far as severity ...
Get Fuzzing: Brute Force Vulnerability Discovery now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.