Nowadays security vulnerabilities are often published in a short, vague and incomplete way. We can hardly tell what the vulnerability is, what consequence it has, and what could mitigate it. This presentation will help uncover the details of a vulnerability and show you how to use decompiling tools to find the vulnerable code, how to identify vulnerable functions and parameters, and create exploits. With this information, you will have a better idea of what the real risk is, how to mitigate before patching, and be able to verify whether the patch really works – giving you a choice and control over what you do. The presentation will also review an advanced hacking technique and help attendees better understand Oracle CPU details.
Tuesday, Feb 25, 2014 – 4:00-5:00pm
Moscone West, Room 3006