Research Article
An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression
Table 2
Comparison between our method and existing tools (“√”—Exploitable “※”—Probably Exploitable “×”—Unexploitable “?”—Unkonwn).
| | Program Name | Exception type | !exploitable | CERT Triage Tools | CRAX | REX | Our method |
| | CADET_00001 | Read exception | ? | √ | × | × | √ | | CROMU_00055 | Read exception | ? | ? | × | × | √ | | CROMU_00058 | Read exception | ? | ※ | × | × | √ | | CROMU_00064 | Read exception | √ | √ | × | × | √ | | CROMU_00078 | Read exception | ? | ? | × | × | √ | | YAN01_00001 | write-x-where | ? | ? | × | × | √ | | LEGIT_00003 | write-x-where | ? | √ | × | √ | √ | | TNETS_00002 | Read exception | ? | ? | × | × | √ | | NRFIN_00074 | Read exception | ? | ? | × | × | √ | | NRFIN_00078 | Read exception | ? | ? | × | × | √ | | CROMU_00064 | write-x-where | ? | ? | × | × | √ | | Equation_parser_overflow | Read exception | ? | √ | × | × | √ | | NRFIN_00059 | Read exception | ? | ? | × | × | × | | KPRCA_00065 | Read exception | ? | ? | × | × | × |
|
|
