Estimates of success rates of remote arbitrary code execution attacks

@article{Sommestad2012EstimatesOS,
  title={Estimates of success rates of remote arbitrary code execution attacks},
  author={Teodor Sommestad and Hannes Holm and Mathias Ekstedt},
  journal={Inf. Manag. Comput. Security},
  year={2012},
  volume={20},
  pages={107-122}
}
Purpose – The purpose of this paper is to identify the importance of the factors that influence the success rate of remote arbitrary code execution attacks. In other words, attacks which use software vulnerabilities to execute the attacker’s own code on targeted machines. Both attacks against servers and attacks against clients are studied. Design/methodology/approach – The success rates of attacks are assessed for 24 scenarios: 16 scenarios for server-side attacks and eight for client-side… CONTINUE READING