Description
Pen test reported DLLs missing exploitation mitigations.
Scanning tool: https://github.com/microsoft/binskim
Version: 1.1.10.7
x86/snappyjava.dll:
- ‘No Execute’ bit - The executable does not enforce the NX bit, allowing code execution in memory regions that should be non-executable. This increases the risk of exploitation through attacks like buffer overflows.
- Dynamic Base not enabled – The executable does not support dynamic base relocation, preventing it from benefiting from Address Space Layout Randomization (ASLR), which increases the predictability of memory addresses and makes exploitation easier.
- SafeSEH not enabled - The executable does not enforce SafeSEH, leaving it vulnerable to structured exception handling (SEH) overwrite attacks, where an attacker can take control of execution flow by manipulating exception handlers.

x86_64/snappyjava.dll:
- Dynamic Base not enabled – The executable does not support dynamic base relocation, preventing it from benefiting from Address Space Layout Randomization (ASLR), which increases the predictability of memory addresses and makes exploitation easier.
- ASLR compatibility - The executable is incompatible with ASLR because it is 64-bit but has a base address below 4GB. This makes it more vulnerable to memory corruption exploits, as attackers can more easily predict the location of critical memory regions.
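
The header-level findings above (NX, Dynamic Base, 64-bit base below 4GB) can be re-checked on a rebuilt DLL by reading the PE optional header directly. The following is an added example, not part of the original issue and not BinSkim's or snappy-java's code; the function names and the header-only sample images are constructed for illustration, and SafeSEH is not covered because it lives in the load configuration directory rather than in these header fields.

```python
import struct

# DllCharacteristics bits from the PE/COFF optional header.
DYNAMIC_BASE = 0x0040   # linker /DYNAMICBASE: image may be relocated (ASLR)
NX_COMPAT = 0x0100      # linker /NXCOMPAT: image is compatible with DEP

def check_pe_mitigations(data: bytes) -> list:
    """Return a list of findings for a PE image given as raw bytes."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)   # e_lfanew
    opt = pe_off + 24                  # 4-byte signature + 20-byte COFF header
    if data[pe_off:pe_off + 4] != b"PE\0\0" or len(data) < opt + 72:
        raise ValueError("not a PE file: bad or truncated PE header")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:                 # PE32 (32-bit): 4-byte ImageBase
        (image_base,) = struct.unpack_from("<I", data, opt + 28)
    elif magic == 0x20B:               # PE32+ (64-bit): 8-byte ImageBase
        (image_base,) = struct.unpack_from("<Q", data, opt + 24)
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    findings = []
    if not dll_chars & NX_COMPAT:
        findings.append("NX_COMPAT not set")
    if not dll_chars & DYNAMIC_BASE:
        findings.append("DYNAMIC_BASE not set")
    if magic == 0x20B and image_base < (1 << 32):
        findings.append("64-bit image base below 4GB")
    return findings

def build_sample(magic: int, image_base: int, dll_chars: int) -> bytes:
    """Constructed header-only PE image for the demo (not a loadable DLL)."""
    buf = bytearray(0x40 + 24 + 72)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\0\0"
    opt = 0x40 + 24
    struct.pack_into("<H", buf, opt, magic)
    if magic == 0x20B:
        struct.pack_into("<Q", buf, opt + 24, image_base)
    else:
        struct.pack_into("<I", buf, opt + 28, image_base)
    struct.pack_into("<H", buf, opt + 70, dll_chars)
    return bytes(buf)

if __name__ == "__main__":
    print("x86   ", check_pe_mitigations(build_sample(0x10B, 0x10000000, 0)))
    print("x86_64", check_pe_mitigations(build_sample(0x20B, 0x66000000, NX_COMPAT)))
```

To check a real build output, pass the file's bytes, for example `check_pe_mitigations(open(path, "rb").read())`; an empty list means none of these three findings apply.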