- “it bypasses DEP and ASLR using impressive tricks and unusual methods” - Vupen
- “it uses a previously unpublished technique to bypass ASLR” - Metasploit Blog
- “exploit uses the ROP technique to bypass the ASLR and DEP” - ZDnet/Kasperky
- “it’s so scary I ran away screaming” - anonymous
Is that PDF so scary? I don’t think so.
DEP is an hardware feature that prevents execution of data, it obviously works if software sets the execution flag only on memory pages containing code.