I'm not certain I'd like that piece, myself (if I were looking at it from the standpoint of someone who regularly tries to make money on these things,) as once you've submitted it, what's to stop Tipping Point (or whomever) from doing their own research on it, releasing it themselves, or coding things into their products as an 'advance knowledge' release, to give them heads up over other protection vendors.
Note, from Tipping Point's perspective, I COMPLETELY understand it, and as a security professional, in general, I don't have a problem with it, per se. I'm not personally in any position where I want or need to monetarily gain from finding holes in outside code. That doesn't mean that I wouldn't accept compensation if I find a new hole during a pentest - just that I wouldn't go looking through code for the sake of doing it, to make a profit, as other companies or individuals do. But that's just me, and if it's what you're best at, more power to you, because you are using your talents to make the world a better place, in your own way.
Note - There's a fine line, in this world, between those who profit from others' mistakes, and those who profit for the greater benefit of others... (While this falls into both categories, it becomes, to me, 'Which perspective or side are you acting from, when you submit the 0day?') This is one of those very gray areas (not black and white) in the security world. If you're doing it for good reasons, and making money while you're at it, that's great! If you view it as trying to draw attention to xyz company's code, and really make them look bad (while still making money,) then to me, you're not being ethical. Ethical, in my world, isn't intentionally making another vendor or developer look bad, but rather, working to help them, and their customers, to be more secure and trustworthy. So programs like this one, when utilized properly, in an effort to benefit all, are, IMHO, good ones.
I only know that, for me in general, I have better use of my own time, NOT digging through code all day looking for issues, when I can be more valuable in educating customers, coworkers, the community at large, and others in all aspects of security, not JUST code.