New Flash NULL pointer exploit causes security wizards to swoon

A fun tidbit, by the post's author ( Thomas Ptacek ) from the Matasano thread:

That’s awesome. Every programmer can also just not cram 200 bytes into buffers that are only big enough for 100. No need to change the C libraries. Bad programming? Use good programming. It’s so simple! How could we not have seen it!

His Matasano post is here and he links to the original paper, which I'm pretty sure _I_ wouldn't understand, so good luck.

( More details, minor anaylsis, the bad news )