HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 15 guests and 2 members online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Malwarearrow Pwn2Own Trifecta: Hacker Exploits IE8, Firefox, Safari
EH-Net
May 26, 2013, 12:19:20 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Pwn2Own Trifecta: Hacker Exploits IE8, Firefox, Safari  (Read 3359 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4169


Editor-In-Chief


View Profile WWW
« on: March 19, 2009, 11:52:37 PM »
Ryan Naraine reports on CanSecWest:

Quote

VANCOUVER, BC — It took a while longer but Microsoft’s Internet Explorer 8 did not survive the hacker onslaught at this year’s CanSecWest Pwn2Own contest.

A security researcher named “Nils” (he declined to provide his full name) performed a clean drive-by download attack against the world’s most widely used browser to take full control of a Sony Vaio machine running Windows 7.

He won a cash prize and got to keep the hardware.  Details of the vulnerability, which was described by contest sponsor TippingPoint ZDI as a “brilliant IE8 bug!” are being kept under wraps.

Several members of Microsoft’s security response team were on hand to witness the successful exploit.

“Nils” also scored a clean hit against Apple’s Safari (he was the second hacker to exploit Safari) and, later in the afternoon, he exploited a Firefox zero-day flaw to claim the trifecta.

More to come…


http://blogs.zdnet.com/security/?p=2934

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
timmedin
Sr. Member
****
Offline Offline

Posts: 469



View Profile WWW
« Reply #1 on: March 20, 2009, 09:46:53 PM »
I had read this story but I didn't realize he got all three. This guy is pretty hardcore.
« Last Edit: March 20, 2009, 09:48:24 PM by timmedin » Logged
twitter.com/timmedin | http://blog.securitywhole.com
Jhaddix
Sr. Member
****
Offline Offline

Posts: 317



View Profile WWW
« Reply #2 on: March 23, 2009, 05:11:11 AM »
I must have read all the articles on this yesterday, i have been hibernating for most of the last week Tongue

Looks like the browser hackers are scared of non other than... Chrome?

The same browser that was riddled with security holes is now the most secure due to its "sandbox"

 
Logged
GSEC, GPEN, GWAPT, ECPPT, WAHHlive, LSOAdvancedPenTester

http://www.securityaegis.com
http://www.pentesterscripting.com
http://code.google.com/p/pentest-bookmarks/
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.098 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.