{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T05:27:40Z","timestamp":1769491660468,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,12,7]],"date-time":"2020-12-07T00:00:00Z","timestamp":1607299200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,12,7]]},"DOI":"10.1145\/3427228.3427645","type":"proceedings-article","created":{"date-parts":[[2020,12,9]],"date-time":"2020-12-09T22:20:18Z","timestamp":1607552418000},"page":"454-465","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["HeapExpo: Pinpointing Promoted Pointers to Prevent Use-After-Free Vulnerabilities"],"prefix":"10.1145","author":[{"given":"Zekun","family":"Shen","sequence":"first","affiliation":[{"name":"New York University, USA"}]},{"given":"Brendan","family":"Dolan-Gavitt","sequence":"additional","affiliation":[{"name":"New York University, USA"}]}],"member":"320","published-online":{"date-parts":[[2020,12,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2016. Triaging the exploitability of IE\/EDGE crashes. https:\/\/msrc-blog.microsoft.com\/2016\/01\/12\/triaging-the-exploitability-of-ieedge-crashes\/  2016. Triaging the exploitability of IE\/EDGE crashes. https:\/\/msrc-blog.microsoft.com\/2016\/01\/12\/triaging-the-exploitability-of-ieedge-crashes\/"},{"key":"e_1_3_2_1_2_1","volume-title":"MarkUs: Drop-in Use-After-Free Prevention for Low-Level Languages. In 2020 IEEE Symposium on Security and Privacy (SP). 860\u2013860","author":"Ainsworth S"},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the 19th USENIX Conference on Security","author":"Akritidis Periklis","year":"2010"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/178243.178446"},{"key":"e_1_3_2_1_5_1","unstructured":"Fabrice Bellard. 2019. QuickJS Javascript Engine. https:\/\/bellard.org\/quickjs\/.  Fabrice Bellard. 2019. QuickJS Javascript Engine. https:\/\/bellard.org\/quickjs\/."},{"key":"e_1_3_2_1_6_1","first-page":"6","article-title":"DieHard","volume":"41","author":"Berger D.","year":"2006","journal-title":"Probabilistic Memory Safety for Unsafe Languages. SIGPLAN Not."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336769"},{"key":"e_1_3_2_1_8_1","unstructured":"CVE. 2019. CVE - Common Vulnerabilities and Exposures. https:\/\/cve.mitre.org\/.  CVE. 2019. CVE - Common Vulnerabilities and Exposures. https:\/\/cve.mitre.org\/."},{"key":"e_1_3_2_1_9_1","unstructured":"[\n  9\n  ]  Google developers.2019. https:\/\/github.com\/google\/oss-fuzz.  [9] Google developers.2019. https:\/\/github.com\/google\/oss-fuzz."},{"key":"e_1_3_2_1_10_1","unstructured":"[\n  10\n  ]  LLVM developers.2019. https:\/\/llvm.org\/docs\/Passes.html#mem2reg-promote-memory-to-register.  [10] LLVM developers.2019. https:\/\/llvm.org\/docs\/Passes.html#mem2reg-promote-memory-to-register."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2006.31"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2006.31"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3337167.3337171"},{"key":"e_1_3_2_1_14_1","volume-title":"SPEC CPU2006 Benchmark Descriptions. SIGARCH Comput. Archit. News 34","author":"Henning L.","year":"2006"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.5555\/977395.977673"},{"key":"e_1_3_2_1_16_1","unstructured":"Byoungyoung Lee Chengyu Song Yeongjin Jang Tielei Wang Taesoo Kim Long Lu and Wenke Lee. 2015. Preventing Use-after-free with Dangling Pointers Nullification. In NDSS.  Byoungyoung Lee Chengyu Song Yeongjin Jang Tielei Wang Taesoo Kim Long Lu and Wenke Lee. 2015. Preventing Use-after-free with Dangling Pointers Nullification. In NDSS."},{"key":"e_1_3_2_1_17_1","unstructured":"Henry Li and Jack Tang. 2017. Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge. https:\/\/www.blackhat.com\/asia-17\/briefings.html#cross-the-wall-bypass-all-modern-mitigations-of-microsoft-edge  Henry Li and Jack Tang. 2017. Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge. https:\/\/www.blackhat.com\/asia-17\/briefings.html#cross-the-wall-bypass-all-modern-mitigations-of-microsoft-edge"},{"key":"e_1_3_2_1_18_1","unstructured":"[\n  18\n  ]  libaom developers.2019. https:\/\/github.com\/mozilla\/aom.  [18] libaom developers.2019. https:\/\/github.com\/mozilla\/aom."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1543135.1542504"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1254810.1254820"},{"key":"e_1_3_2_1_21_1","first-page":"6","article-title":"Valgrind","volume":"42","author":"Nethercote Nicholas","year":"2007","journal-title":"A Framework for Heavyweight Dynamic Binary Instrumentation. SIGPLAN Not."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866371"},{"key":"e_1_3_2_1_23_1","unstructured":"OSS-Fuzz 2019. OSS-Fuzz: Fuzzing the planet. https:\/\/bugs.chromium.org\/p\/oss-fuzz.  OSS-Fuzz 2019. OSS-Fuzz: Fuzzing the planet. https:\/\/bugs.chromium.org\/p\/oss-fuzz."},{"key":"e_1_3_2_1_24_1","unstructured":"QuickJS 0day Contest 2019. QuickJS 0day Contest. http:\/\/rce.party\/cracksbykim-quickJS.nfo.  QuickJS 0day Contest 2019. QuickJS 0day Contest. http:\/\/rce.party\/cracksbykim-quickJS.nfo."},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the 2012 USENIX Conference on Annual Technical Conference","author":"Serebryany Konstantin","year":"2012"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064211"},{"key":"e_1_3_2_1_27_1","unstructured":"Mark Yason. 2015. MemGC: Use-After-Free Exploit Mitigation in Edge and IE on Windows 10. https:\/\/securityintelligence.com\/memgc-use-after-free-exploit-mitigation-in-edge-and-ie-on-windows-10\/  Mark Yason. 2015. MemGC: Use-After-Free Exploit Mitigation in Edge and IE on Windows 10. https:\/\/securityintelligence.com\/memgc-use-after-free-exploit-mitigation-in-edge-and-ie-on-windows-10\/"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Yves Younan. 2015. FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers. In NDSS.  Yves Younan. 2015. FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers. In NDSS.","DOI":"10.14722\/ndss.2015.23190"}],"event":{"name":"ACSAC '20: Annual Computer Security Applications Conference","location":"Austin USA","acronym":"ACSAC '20"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427645","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3427228.3427645","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:02:25Z","timestamp":1750197745000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427645"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,7]]},"references-count":28,"alternative-id":["10.1145\/3427228.3427645","10.1145\/3427228"],"URL":"https:\/\/doi.org\/10.1145\/3427228.3427645","relation":{},"subject":[],"published":{"date-parts":[[2020,12,7]]},"assertion":[{"value":"2020-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}