The competition, which was organized at the CanSecWest meeting in Vancouver, was funded by the Hewlett-Packard Zero Day Initiative. On the first day, HP recompensed scientists with $317,500. The winners found and exploited week points in Adobe Flash, Adobe Reader, Internet Explorer and Firefox.
eWeek reported that the first prize, paid to a programmer by the nickname of ilxu1a, was for a huge memory flaw in Firefox. It took only one second to execute and earned him a nice $15,000.
Firefox was hacked twice during the occasion. Daniel Veditz, main security engineer at Mozilla, noted the organization was close by during the competition to get the vulnerability details from HP. Designers are now chipping away at a patch back at home, he included, that could be set up in a matter of hours.
Another security specialist, JungHoon Lee, figured out how to show misuses against Chrome, IE 11 and Safari. Obviously he left with a lot of cash: $75,000 for the Chrome flaw, $65,000 for IE and $50,000 for the Safari bug. He likewise got two bonuses of $35,000 together.
Held every year during the CanSecWest conference, the Pwn2Own challenge additionally grants the victors with the gadgets they hacked. First organized in 2007, the current year’s contest saw seven individual and group contenders who handled a mixed bag of Windows-based and Mac OS X-based targets.
During each of the 12 tests, scientists and research groups had 30 minutes to show vulnerabilities on the different Windows and Mac OS targets. By the end of the contest, competitors had uncovered five bugs in the Windows OS; four bugs in IE 11; three bugs each in Firefox, Reader and Flash; two bugs in Safari; and one bug in Chrome.
At the end of each Pwn2Own, all the significant vendors are told about the vulnerabilities detected by means of the Zero Day Initiatives “Chamber of Disclosures.” The hacks are made public after the given organizations have rolled out fixes for the bugs.
Image Source: Tech Worm