Exploitation Properties

Exploitation properties describe the ease with which an arbitrary vulnerability might be exploited. An understanding of a system's perceived exploitability can provide useful insights when attempting to establish the risk factors associated with it¹. It is important to note that exploitation properties do not provide any indication that a vulnerability exists; instead, they are only meant to convey information about how easily a vulnerability could be exploited. The concept of an exploitation property can be broken into different categories which are tied to the configuration or context that the property is associated with. Examples of these categories include platforms, processes, binary modules, functions, and so on.

The following subsections provide concrete examples to better illustrate the concept of an exploitation property. These examples are given by showing what implications a property has with respect to exploitation as well as how a property might be derived. It should be noted that the examples given in this paper do not represent a complete, exhaustive set of exploitation properties.

• Platform Properties
• Process Properties
• Module Properties
  • No Support for ASLR
  • No Support for SafeSEH
  
  
• Function Properties
  • Absence of GuardStack
  • Partial Overwrite Feasibility
  • Function or Parent Registers an Exception Handler
  • Function is an Exception Handler