Is that PDF so scary?

10 Sep 2010 Guido Landi aslr dep exploit pdf rop
- “it bypasses DEP and ASLR using impressive tricks and unusual methods” - Vupen - “it uses a previously unpublished technique to bypass ASLR” - Metasploit Blog - “exploit uses the ROP technique to bypass the ASLR and DEP” - ZDnet/Kasperky - “it’s so scary I ran away screaming” - anonymous Is that PDF so scary? I don’t think so. DEP is an hardware feature that prevents execution of data, it obviously works if software sets the execution flag only on memory pages containing code.