Software Vulnerability Exploits are exploits in software that can potentially allow hackers to take control.

Web Based Attack

In a web-based environment the most attacked applications are those having direct or indirect relation to internet.

The list of such applications mostly comprised from PDF readers, digital document processors, media players and web browsers, while in case of web-browsers in addition to its internal vulnerabilities, web browsers may also suffer from vulnerabilities found in installed plug-ins.

The examples of known vulnerabilities and their possible exploitation can be found in CVEs.

Software Vulnerability and Exploitation

Software vulnerability is basically an incorrect or invalid handling of input parameters passed to a vulnerable program or simply software bug. A specially crafted input exploiting such vulnerability is called software vulnerability exploit or simply exploit.

If the software vulnerability is unknown to the others or undisclosed to the software manufacturer then the actual code that uses it often called a zero-day exploit or a zero day attack.

Software vulnerability can be protected against with software such as Malwarebytes Anti-Exploit.

A common lifecycle of the zero day exploit is as follows:

  • The software manufacturer releases product containing the vulnerability, usually an unknown one.
  • The attacker finds the vulnerability before software developer does or before he was informed by the users.
  • The attacker creates and distributes an exploit.
  • The manufacturer finds the vulnerability and starting writing the fix.


  1. From exploit to a shell-code
  2. Types of applications targeted by attackers
  3. Wikipedia
  4. Archive of exploits detected by Quttera's exploit detection technology
  5. Blackhole exploit kit - the most popular web threat this year

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.