Writable entry point
ID PE114 Level ERROR Category Security
Description
The executable has an entry point which is placed to the writable section. This can make it much easier for an attacker to exploit memory corruption vulnerabilities.
Entry point should be located in readable and executable memory.
Mitigation
- Make sure you are not merging sections with different memory access attributes.
- Do not explicitly change memory attributes. If doing so, do not mark a section containing the entry point writable.
If using Visual C++:
- Look for the
/SECTIONoption in the linker command line or the corresponding#pragma sectiondeclarations in the code.
Arguments
This rule has the following output arguments:
-
section- Affected section name
Loading...
Unable to load this documentation page.