Comment by anyfoo
7 years ago
Don’t know any details about this one, but some bugs are just not exploitable beyond denial of service. If all you can do is provoke an action that makes the OS kill the process immediately, for example. Like a null pointer dereference under the right circumstances.
That's kind of what I was thinking, but it sounds like you or I know about as much about the cause of the bug as the person offering assurances.