Share

Related Stories

Top 5 Stories

News

Vupen strikes again: French team cracks IE 9 in Pwn2Own hack contest

09 March 2012

A team from the French security firm Vupen has cracked a second browser during the Pwn2Own hacking contest at CanSecWest – Internet Explorer 9 – after compromising Chrome on the first day of the competition.

Vupen used two separate bugs – a heap overflow bug and a memory corruption bug – to compromise IE 9 and run code outside the sandbox. The heap overflow vulnerability exists in a number of versions of IE, from version 6 through IE 10, which is in consumer preview right now.

Chaouki Bekrar of Vupen said that the compromise of IE took two of his team members six weeks to find the bugs and make the exploits work.

"It was difficult because the heap overflow vulnerabilities are not very common", Bekrar told SecurityNewsDaily. "They are rare but they are useful, because you can use the same vulnerability to achieve memory leak and thus bypass ASLR [address space layout randomization]."

"Usually we need three vulnerabilities, one for DEP [data execution prevention], one for ASLR, and one for the sandbox. Here we had one that allowed us to do DEP and ASLR, which is nice", he added.

Vupen picked up 124 points with the IE 9 and Chrome exploits and was expected to win the $60,000 Pwn2Own price to be awarded on Friday.

This article is featured in:
Application Security  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×