It was discovered by MaxPatrol team that it is possible to defeat Microsoft® Windows® XP SP2 Heap protection and Data Execution Prevention mechanism.
As a result it is possible to implement: - Arbitrary memory region write access (smaller or equal to 1016 bytes); - Arbitrary code execution; - DEP bypass.
Details are described in the article:
Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html