Defeating Microsoft Windows XP SP2 Heap protection and DEP bypass

“In October 2004 it was discovered by MaxPatrol team that it is possible to defeat Microsoft® Windows® XP SP2 Heap protection and Data Execution Prevention mechanism. As a result it is possible to implement:

1. Arbitrary memory region write access (smaller or equal to 1016 bytes)
2. Arbitrary code execution
3. DEP bypass.

Details are described in the article by our expert: PDF format, HTML format.…”

http://www.maxpatrol.com/ptmshorp.asp