1. 14
  1.  

  2. 7

    I note that all of the ROP-less attacks were against browsers which try to execute attacker code in a “safe” way. I don’t think it’s surprising that if you allow an attacker to use your JIT to compile their exploit, they might find a loophole that allows them execute said exploit as well. But what does this mean for other programs, like web servers, that must process hostile inputs but don’t necessarily attempt to execute them?