Pwn2Own 2014

Pwn2Own 2014: Firefox, Internet Explorer and Safari hacked

That's it Pwn2Own 2014, one event you are doing these days along with CanSecWest at Vancouver, began. the issue is how it started. From day one, contestants revealed vulnerabilities in Safari, Firefox, Internet Explorer, and classics in Adobe Flash and Reader.

Pwn2Own 2014
Pwn2Own 2014

Rewards for discovering vulnerabilities from day one have reached $ 400,000. Most of this money went to a French research firm VUPEN. The company's researchers managed to discover a total of four vulnerabilities.

They discovered one use-after-free on its sandbox Internet Explorer. Vulnerability can be used to execute arbitrary code. One Overflow with PDF in the Adobe reader sandbox can also be used to execute malicious code.

VUPEN experts also presented one use-after-free which can act as a lever to run malicious code on Firefox. They also managed to bypass the Windows 11 Internet Explorer 8.1 sandbox with a vulnerability  use-after-free causing object confusion at the broker

  48 Hours on Facebook stops watching users

VUPEN researchers received a total of $ 300,000.

Researchers Jüri Aedla and Mariusz Mlynski managed to hack Firefox. Aedla discovered one out-of-bound read / write can be used to run malicious code

Mlynski discovered two security gaps: a privilege escalation flaw that could be exploited to bypass the browser's security measures. Each of the experts took from 50.000 dollars.

The organizing initiative belongs to TippingPoint Zero Day Initiative (ZDI) and Google, which, as co-sponsor of Pwn2Own 2014, took part in Pwn4Fun. Experts from Google and ZDi presented their own exploits, and all the proceeds to be made available for the Red Cross of Canada.

"At Pwn4Fun, Google presented a very impressive exploit for Apple's Safari. The exploit runs it Safari launching Calculator  as a root on Mac OS X. ZDi has multiplied exploits, including a flexible bypass of the Internet Explorer sandbox, ”said the contest organizers.

  Now: Scam on Facebook empties bank accounts

82.500 dollars will be available on the Red Cross of Canada.

[do_widget id = blog_subscription-3]

Follow us on Google News at Google news

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published.

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).

84 +    = 86