The upcoming Pwn2Own hacking contest has got Mozilla and Google on their toes. The contest that’s due for next week has already seen the browser giants patching the flaws in their respective browsers.
Watch out for who emerges clean!
While Mozilla admitted to having 10 flaws in its browser Firefox – eight of which were touted as 'critical' and high to medium ranging vulnerabilities for the other two, Google brought out 19 flaws in its browser, Chrome. All but three of the Chrome bugs were rated “High,” with the three remaining vulnerabilities classified as “Medium.”
Google presented its various researchers who used their expertise on different bugs, including a URL bar spoof and an integer overflow in text area handling, an award of $1000. Other critical flaws included a bug discovered by security researcher Jordi Chancel that could cause a crash if triggered by a corrupted JPEG image.
Quoting Jordi Chancel, “A JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image.” The contest that has been slated to begin on the 9th March, 2011 will happen at the CanSecWest Applied Security Conference.
The contest promises to be an interesting spectacle with the browsing giants coming face to face with seasoned hackers. Adding more spice to the sizzle is Google, as it announces a reward of $20,000 to the researcher who manages to take down Chrome. Chrome has a reputation to hold since it has emerged spot-free from this contest, last year.
Publish date: March 3, 2011 11:56 am| Modified date: December 18, 2013 7:24 pm
$20, 000, CanSecWest Applied Security Conference, Chrome, Firefox, flaws, Google, Jordi Chancel, jpeg, JSON., Mozilla, Pwn2Own, Windows