Abstract: A method, system and product are provided including obtaining a list of vulnerabilities of an execution environment of a device, analyzing the execution environment to determine contextual factors of the execution environment, and adjusting the list of vulnerabilities based on the contextual factors. This provides a device-specific list of vulnerabilities configured to indicate an estimated impact of each listed vulnerability. Adjusting the list includes at least one of removing a first vulnerability from the list in case that exploitation of the first vulnerability is prevented in the device by the contextual factors, decreasing a score of a second vulnerability of the list in case the contextual factors mitigate an exploitation of the second vulnerability, and increasing a score of a third vulnerability of the list in case that the contextual factors increase a risk of an exploitation of the third vulnerability.

Abstract: A method, system and product comprising determining a characterization of a terminal of a plurality of terminals within a binary code based on influences of the terminal, wherein the characterization of the terminal indicates a role of the terminal in the binary code; based on the characterization of the terminal, determining that the terminal is potentially affected by external input that is inputted to a device executing the binary code; determining for the terminal a corresponding propagation path within the binary code, wherein the propagation path indicates a reachability of the terminal within the binary code; locating in the binary code a code patch associated with a functionality of the binary code, wherein the code patch is associated with the propagation path of the terminal, wherein the code patch can be executed independently from the binary code; extracting the code patch from the binary code for testing; and generating an emulation of the code patch to enable fuzz testing of the emulation, where

Abstract: A method, system and product for determining a characterization of a terminal within a binary code, based on influences of the terminal. Based on the characterization of the terminal, the terminal is determined to be potentially affected by external input that is inputted to a device executing the binary code. A propagation path that indicates a reachability of the terminal within the binary code is determined. A code patch associated with a functionality of at least a portion of the binary code and with the propagation path of the terminal is located in the binary code. The code patch can be executed independently from the binary code. The code patch is extracted from the binary code for testing, and an emulation of the code patch is generated to enable fuzz testing of the emulation, whereby the code patch is tested independently.

Abstract: A method, system and product comprising determining a characterization of a terminal of a plurality of terminals within a binary code based on influences of the terminal, wherein the characterization of the terminal indicates a role of the terminal in the binary code; based on the characterization of the terminal, determining that the terminal is potentially affected by external input that is inputted to a device executing the binary code; determining for the terminal a corresponding propagation path within the binary code, wherein the propagation path indicates a reachability of the terminal within the binary code; locating in the binary code a code patch associated with a functionality of the binary code, wherein the code patch is associated with the propagation path of the terminal, wherein the code patch can be executed independently from the binary code; extracting the code patch from the binary code for testing; and generating an emulation of the code patch to enable fuzz testing of the emulation, where

Abstract: A method, system and product, configured to perform: during an execution of a program, obtaining boundaries of a stack frame of a function that is currently present in a stack, wherein said obtaining the boundaries comprises: obtaining a return address of the function in the stack; determining a length of the function using a mapping of return addresses of one or more functions in the program and corresponding lengths of the one or more functions; and determining the boundaries of the stack frame of the function based on a value of a stack pointer of the stack and based on the length of the function; based on the boundaries of the stack frame of the function, determining that the stack frame is overflown; and in response to said determining that the stack frame is overflown, performing a responsive action.

Abstract: A method, system and product, configured to perform: during an execution of a program, obtaining boundaries of a stack frame of a function that is currently present in a stack, wherein said obtaining the boundaries comprises: obtaining a return address of the function in the stack; determining a length of the function using a mapping of return addresses of one or more functions in the program and corresponding lengths of the one or more functions; and determining the boundaries of the stack frame of the function based on a value of a stack pointer of the stack and based on the length of the function; based on the boundaries of the stack frame of the function, determining that the stack frame is overflown; and in response to said determining that the stack frame is overflown, performing a responsive action.