Resilience to Buffer Overflow Attacks

The Windows help program (Winhlp32.exe) on Windows NT 4.0 with Service Pack 4 has a buffer overflow vulnerability, which occurs when it reads a content file (.CNT) with a very long heading string . We instrumented Winhlp32.exe using our binary-rewriting RAD tool, and the augmented binary successfully resists the attack mounted by a published exploit code [3].