Research on OLE object vulnerability analysis for RTF file
In order to deal with the problem of OLE parsing vulnerability for RTF documents, a kind of vulnerability analysis method based on data block analysis and characterization data construction was proposed. The trigger con-ditions of OLE object vulnerability by reverse engineering technique were analyz...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2016-01-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2016.00011 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530424148361216 |
|---|---|
| author | De-guang LE Liang ZHANG Sheng-rong GONG Li-xin ZHENG Shao-gang WU |
| author_facet | De-guang LE Liang ZHANG Sheng-rong GONG Li-xin ZHENG Shao-gang WU |
| author_sort | De-guang LE |
| collection | DOAJ |
| description | In order to deal with the problem of OLE parsing vulnerability for RTF documents, a kind of vulnerability analysis method based on data block analysis and characterization data construction was proposed. The trigger con-ditions of OLE object vulnerability by reverse engineering technique were analyzed. The trigger point of vulnerabil-ity was located through data block analysis. The OLE object vulnerability was detected based on characterization data construction. Tests show that the proposed method not only detects the OLE object vulnerability correctly, but also locates the point of vulnerability accurately, which provides the effective support for the research on vulnerabil-ity patches. Besides, the detection effectiveness of the proposed method is higher than that of other methods, which can effectively defense the exploit attack of OLE object vulnerability for RTF documents. |
| format | Article |
| id | doaj-art-14d92fc2627b479cbbaa64b0adb9e52e |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2016-01-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-14d92fc2627b479cbbaa64b0adb9e52e2025-01-15T03:04:17ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2016-01-012344559542955Research on OLE object vulnerability analysis for RTF fileDe-guang LELiang ZHANGSheng-rong GONGLi-xin ZHENGShao-gang WUIn order to deal with the problem of OLE parsing vulnerability for RTF documents, a kind of vulnerability analysis method based on data block analysis and characterization data construction was proposed. The trigger con-ditions of OLE object vulnerability by reverse engineering technique were analyzed. The trigger point of vulnerabil-ity was located through data block analysis. The OLE object vulnerability was detected based on characterization data construction. Tests show that the proposed method not only detects the OLE object vulnerability correctly, but also locates the point of vulnerability accurately, which provides the effective support for the research on vulnerabil-ity patches. Besides, the detection effectiveness of the proposed method is higher than that of other methods, which can effectively defense the exploit attack of OLE object vulnerability for RTF documents.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2016.00011RTF documentsoftware securityOLE vulnerabilityvulnerability analysis |
| spellingShingle | De-guang LE Liang ZHANG Sheng-rong GONG Li-xin ZHENG Shao-gang WU Research on OLE object vulnerability analysis for RTF file 网络与信息安全学报 RTF document software security OLE vulnerability vulnerability analysis |
| title | Research on OLE object vulnerability analysis for RTF file |
| title_full | Research on OLE object vulnerability analysis for RTF file |
| title_fullStr | Research on OLE object vulnerability analysis for RTF file |
| title_full_unstemmed | Research on OLE object vulnerability analysis for RTF file |
| title_short | Research on OLE object vulnerability analysis for RTF file |
| title_sort | research on ole object vulnerability analysis for rtf file |
| topic | RTF document software security OLE vulnerability vulnerability analysis |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2016.00011 |
| work_keys_str_mv | AT deguangle researchonoleobjectvulnerabilityanalysisforrtffile AT liangzhang researchonoleobjectvulnerabilityanalysisforrtffile AT shengronggong researchonoleobjectvulnerabilityanalysisforrtffile AT lixinzheng researchonoleobjectvulnerabilityanalysisforrtffile AT shaogangwu researchonoleobjectvulnerabilityanalysisforrtffile |