Tuesday, October 21, 2014
Search
  
Friday, March 14, 2014
 Security Researchers Pocket $850K In Pwn2Own Contest
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: The second and final day of HP-sponsored Pwn2Own 2014 competition saw successful attempts by seven entrants against five products, with $450,000 paid to researchers. This brings the two-day payout total to $850,000.

The following vulnerabilities were successfully presented on Thursday in the Pwn2Own competition:

An anonymous participant on Thursday attacked Google Chrome by taking advantage of an arbitrary read/write bug to bypass the browser's sandbox and execure its code. Upon review, contest judges declared this a partial win due to one portion of the presentation's collision with a vulnerability presented earlier at Pwnium.

Sebastian Apelt and Andreas Schmidt attacked Microsoft Internet Explorer. They discovered two "use-after-free" and a kernel bug.

Liang Chen of Keen Team worked on Apple Safari and a heap overflow along with a sandbox bypass resulted in code execution.

PlayStation modder and one-time Apple employee, George Hotz attacked Mozilla Firefox and used an flaw in Firefox to achieve "out-of-bound read/write resulting in code execution",

Team VUPEN attacked Google Chrome with "a use-after-free causing object confusion in the broker, resulting in sandbox bypass".

Last but not least, Zeguang Zhou of team509 and Liang Chen of Keen Team took on with Adobe Flash, and a heap overflow with a sandbox bypass resulted in code execution.

More information on Pwn2Own's first day results is available here.


 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .