Yunhe Shi, David Gregg, Andrew Beatty, M. Anton Ertl (2005). "Virtual Machine Showdown: Stack Versus Registers" (inglise) (VEE '05: Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments ed.). Chicago, Illinois, USA: ACM: 153–163. DOI:10.1145/1064979.1065001. ISBN1-59593-047-7. {{cite journal}}: viitemall journal nõuab parameetrit |journal= (juhend)
Ando Saabas, Tarmo Uustalu (2007). "Type systems for optimizing stack-based code"(PDF) (Electronic Notes in Theoretical Computer Science ed.). Lk 103-119. DOI:10.1016/j.entcs.2007.02.063. Originaali(PDF) arhiivikoopia seisuga 26. mai 2016.: «virtual stack or virtual register VMs can be executed more efficiently using an interpreter. Virtual register machines can be an attractive alternative to stack architectures because they allow the number of executed VM instructions to be substantially reduced.»
fortiguard.com
Haifei Li, Understanding and Exploiting Flash ActionScript VulnerabilitiesArhiiviversioon seisuga 26. november 2013, 2011 «Bytecode -> Verification process … ActionScript Vulnerabilities are due to various program flow calculating errors in the Verification/Generation Process (the Verification Flow and the Execution Flow are not the same)»
fu-berlin.de
inf.fu-berlin.de
Mark Dowd (X-Force Researcher IBM Internet Security Systems), Leveraging the ActionScript Virtual Machine[alaline kõdulink], IBM 2008 «if there was a way to execute AS3 instructions that had never been verified, it would be quite dangerous. Unverified instructions would be able to manipulate the native runtime stack … The attack works by manipulating a data structure used by the AVM2 verifier such that it doesn’t correctly verify the ActionScript instructions for a given method»
Verification of Bytecode in a Virtual machineArhiiviversioon seisuga 30. aprill 2013 // International Journal of Advanced Research in Computer Science and Software Engineering Vol.3 Issue 3 March 2013, ISSN 2277-128X: «Java byte code verification has been studied extensively from a correctness perspective, and several vulnerabilities have been found and eliminated in this process»
ioc.ee
cs.ioc.ee
Ando Saabas, Tarmo Uustalu (2007). "Type systems for optimizing stack-based code"(PDF) (Electronic Notes in Theoretical Computer Science ed.). Lk 103-119. DOI:10.1016/j.entcs.2007.02.063. Originaali(PDF) arhiivikoopia seisuga 26. mai 2016.: «virtual stack or virtual register VMs can be executed more efficiently using an interpreter. Virtual register machines can be an attractive alternative to stack architectures because they allow the number of executed VM instructions to be substantially reduced.»
Haifei Li (Microsoft), Inside AVM // REcon 2012, Montreal «Most Flash vulnerabilities are ActionScript-related … Faults on verification cause highly-dangerous JIT type confusion vulnerabilities. • highly-dangerous means perfect exploitation: bypassing ASLR+DEP, with%100 reliability, no heapSpray, no JITSpray. • JIT type confusion bugs are due to faults in the verification of AVM!»
Ando Saabas, Tarmo Uustalu (2007). "Type systems for optimizing stack-based code"(PDF) (Electronic Notes in Theoretical Computer Science ed.). Lk 103-119. DOI:10.1016/j.entcs.2007.02.063. Originaali(PDF) arhiivikoopia seisuga 26. mai 2016.: «virtual stack or virtual register VMs can be executed more efficiently using an interpreter. Virtual register machines can be an attractive alternative to stack architectures because they allow the number of executed VM instructions to be substantially reduced.»
Gerwin Klein and Martin Wildmoser, Verified Bytecode Subroutines // Journal of Automated Reasoning 30.3-4 (2003): 363–398. «Bytecode verification is a static check for bytecode safety. Its purpose is to ensure that the JVM only executes safe code: no operand stack over- or underflows, no ill-formed instructions, no type errors»
Haifei Li, Understanding and Exploiting Flash ActionScript VulnerabilitiesArhiiviversioon seisuga 26. november 2013, 2011 «Bytecode -> Verification process … ActionScript Vulnerabilities are due to various program flow calculating errors in the Verification/Generation Process (the Verification Flow and the Execution Flow are not the same)»
Verification of Bytecode in a Virtual machineArhiiviversioon seisuga 30. aprill 2013 // International Journal of Advanced Research in Computer Science and Software Engineering Vol.3 Issue 3 March 2013, ISSN 2277-128X: «Java byte code verification has been studied extensively from a correctness perspective, and several vulnerabilities have been found and eliminated in this process»
