Web based attackEdit
In a web-based environment the most attacked applications are those having direct or indirect relation to internet.
The list of such applications mostly comprised from PDF readers, digital document processors, media players and web browsers, while in case of web-browsers in addition to its internal vulnerabilities, web- browsers may also suffer from vulnerabilities found in installed plug-ins (like ActiveX or Firefox add-ons).
The examples of known vulnerabilities and their possible exploitation can be foun in CVE - http://cve.mitre.org/index.html
Software vulnerability and exploitationEdit
Software vulnerability is basically an incorrect or invalid handling of input parameters passed to a vulnerable program or simply software bug. A specially crafted input exploiting such vulnerability is called software vulnerability exploit or simply exploit.
If the software vulnerability is unknown to the others or undisclosed to the software manufacturer then the actual code that uses it often called a zero-day exploit or a zero day attack.
A common lifecycle of the zero day exploit is as follows:
1. The software manufacturer releases product containing the vulnerability, usually an unknown one. 2. The attacker finds the vulnerability before software developer does or before he was informed by the users. 3. The attacker creates and distributes an exploit. 4. The manufacturer finds the vulnerability and starting writing the fix.
The most successful exploit kit in 2012Edit
"At the year 2012 approx. 30% of all web threats detected by Sophos and 91% by AVG originated from this exploit kit. Either by direct visiting or re-directions from compromised legitimate websites." , http://www.squidoo.com/blackhole-exploit-kit-the-most-popular-web-threat-this-year.
Russian exploit kit that was oficially the most profitable, undetectable and successful exploit till today. The key features of success are: marketing scheme, SaaS-like distribution, multiple obfuscation layers and e.t.c...