I'm studying application security and now I have a question for which I couldn't find a good answer.
Assume I have a vulnerable desktop application on my virus-free Windows 7 PC. Let's say that when the file size is > 10 MB, it causes an exception in Notepad (just an assumption; you might suggest another scenario). Who is the potential attacker and how is s/he going to hack it? I mean, will he attack over the Internet somehow, or will some virus use Notepad for privilege escalation, or something else? What are the possible attack scenarios? Whom should I save the PC from?
Whom should I save the pc from?
If the desktop application is not listening on a port, it means that if there is a potential vulnerability, it can only be exploited locally. The attacker might have exploited another vulnerability and is now looking for privilege escalation or persistence. Don't always assume a vulnerable desktop application would result in privilege escalation, though. It depends on the vulnerability itself. For example, if the application is running with standard user privileges, even if the attacker exploits it in some way (e.g. buffer overflow, arbitrary file access, etc.), it won't normally result in privilege escalation. If the application is running with administrative or higher privileges, then any vulnerability in the application would result in the attacker gaining the same privileges the application is running with.
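
The two checks this answer applies to a process (does it listen on a port, and which account runs it), as an added example that is not part of the original answer. The `netstat -ano` and `tasklist /V /FO CSV` samples are constructed, and the labels and the image name `helper.exe` are assumptions chosen here.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (not from a real host).
NETSTAT = r"""
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1720
  TCP    192.168.1.20:49211     203.0.113.10:443       ESTABLISHED     3012
"""

# Constructed sample of `tasklist /V /FO CSV` output (not from a real host).
TASKLIST = r"""
"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"svchost.exe","884","Services","0","8,120 K","Unknown","NT AUTHORITY\NETWORK SERVICE","0:00:01","N/A"
"helper.exe","1720","Services","0","5,004 K","Unknown","NT AUTHORITY\SYSTEM","0:00:00","N/A"
"notepad.exe","4020","Console","1","6,332 K","Running","DESKTOP\alice","0:00:00","Untitled - Notepad"
"""

def listeners(netstat_text):
    """Map PID -> set of local addresses in TCP LISTENING state."""
    found = {}
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            found.setdefault(int(f[4]), set()).add(f[1])
    return found

def is_loopback(addr):
    host = addr.rsplit(":", 1)[0]
    return host.startswith("127.") or host == "[::1]"

def triage(netstat_text, tasklist_csv):
    """Return {pid: (image, reachability, account)} for each listed process."""
    socks = listeners(netstat_text)
    report = {}
    for row in csv.DictReader(io.StringIO(tasklist_csv.strip())):
        pid = int(row["PID"])
        addrs = socks.get(pid, set())
        if not addrs:
            reach = "local-only"          # no listening socket: needs local input
        elif all(is_loopback(a) for a in addrs):
            reach = "loopback-listener"   # reachable only from the same machine
        else:
            reach = "network-listener"    # reachable from other hosts
        # tasklist does not show UAC elevation, so "other-account" may still
        # be an elevated administrator token; only SYSTEM is unambiguous here.
        is_system = row["User Name"].upper() == r"NT AUTHORITY\SYSTEM"
        report[pid] = (row["Image Name"], reach, "SYSTEM" if is_system else "other-account")
    return report

if __name__ == "__main__":
    for pid, info in sorted(triage(NETSTAT, TASKLIST).items()):
        print(pid, *info)
```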