iDefense Q-1 2007 Challenge



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Also available at:

http://labs.idefense.com/vcp/challenge.php#more_q1+2007%3A+vulnerability+challenge

*Challenge Focus: Remote Arbitrary Code Execution Vulnerabilities in
Vista & IE 7.0*

Both Microsoft Internet Explorer and Microsoft Windows dominate their
respective markets, and it is not surprising that the decision to
update to the current release of Internet Explorer 7.0 and/or Windows
Vista is fraught with uncertainty. Primary in the minds of IT
security professionals is the question of vulnerabilities that may be
present in these two groundbreaking products.

To help assuage this uncertainty, iDefense Labs is pleased to announce
the Q1, 2007 quarterly challenge.

Remote Arbitrary Code Execution Vulnerabilities in Vista and IE 7.0

Vulnerability Challenge:
iDefense will pay $8,000 for each submitted vulnerability that allows
an attacker to remotely exploit and execute arbitrary code on either
of these two products. Only the first submission for a given
vulnerability will qualify for the award, and iDefense will award no
more than six payments of $8000. If more than six submissions
qualify, the earliest six submissions (based on submission date and
time) will receive the award. The iDefense Team at VeriSign will be
responsible for making the final determination of whether or not a
submission qualifies for the award. The criteria for this phase of
the challenge are:

I) Technologies Covered:
- - Microsoft Internet Explorer 7.0
- - Microsoft Windows Vista

II) Vulnerability Challenge Ground Rules:
- - The vulnerability must be remotely exploitable and must allow
arbitrary code execution in a default installation of one of the
technologies listed above
- - The vulnerability must exist in the latest version of the
affected technology with all available patches/upgrades applied
- - 'RC' (Release candidate), 'Beta', 'Technology Preview' and
similar versions of the listed technologies are not included in this
challenge
- - The vulnerability must be original and not previously disclosed
either publicly or to the vendor by another party
- - The vulnerability cannot be caused by or require any additional
third party software installed on the target system
- - The vulnerability must not require additional social engineering
beyond browsing a malicious site

Working Exploit Challenge:
In addition to the $8000 award for the submitted vulnerability,
iDefense will pay from $2000 to $4000 for working exploit code that
exploits the submitted vulnerability. The arbitrary code execution
must be of an uploaded non-malicious payload. Submission of a
malicious payload is grounds for disqualification from this phase of
the challenge.

I) Technologies Covered:
- - Microsoft Internet Explorer 7.0
- - Microsoft Windows Vista

II) Working Exploit Challenge Ground Rules:
Working exploit code must be for the submitted vulnerability only –
iDefense will not consider exploit code for existing vulnerabilities
or new vulnerabilities submitted by others. iDefense will consider
one and only one working exploit for each original vulnerability
submitted.

The minimum award for a working exploit is $2000. In addition to the
base award, additional amounts up to $4000 may be awarded based upon:
- - Reliability of the exploit
- - Quality of the exploit code
- - Readability of the exploit code
- - Documentation of the exploit code


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFpSHsYcX4JiqFDSgRAl+ZAJwMJaZoJ6zwd4m8qZfviOZnNNUVrACgpaTU
QkO9IXq+PsC6bMKg7j6Dwfw=
=N0am
-----END PGP SIGNATURE-----



Relevant Pages

  • FL Studio 5 (.flp file processing) Heap Overflow
    ... Vulnerability may also exist in previous and current versions ... FL Studio is a full-featured sequencer perfectly suited for creation of complex songs and realistic drum loops, with 32 bit internal mixing and advanced MIDI support. ... In order to exploit this vulnerability an attacker can craft a malicious .flp file containing executable payload and transmit it to a FL studio user over mail or chat. ... Exploitation of this vulnerability will allow arbitrary code execution with privileges of the user who opened the file. ...
    (Bugtraq)
  • Arbitrary code execution problem in Achievo
    ... Arbitrary code execution problem in Achievo ... Achievo is a web-based project management tool for business-environments. ... This vulnerability allows an attacker to execute arbitrary PHP code under ... must be able to store code on a server that is accessible by the web server. ...
    (Bugtraq)
  • [Full-disclosure] iDefense Q-1 2007 Challenge
    ... Both Microsoft Internet Explorer and Microsoft Windows dominate their ... Vista is fraught with uncertainty. ... Remote Arbitrary Code Execution Vulnerabilities in Vista and IE 7.0 ... Vulnerability Challenge: ...
    (Full-Disclosure)
  • Re: Local Sendmail vulnerability, from BugTraq
    ... > vulnerability discovered in Sendmail by Cade Cairns ... Sendmail Debugger Arbitrary Code Execution Vulnerability ... This may allow an attacker to write data to anywhere ...
    (FreeBSD-Security)
  • SecurityFocus Microsoft Newsletter #163
    ... MICROSOFT VULNERABILITY SUMMARY ... Bugzilla Javascript Buglists Remote Information Disclosure V... ... Microsoft Internet Explorer DHTML Drag and Drop Local File S... ... Microsoft Windows Workstation Service Remote Buffer Overflow... ...
    (Focus-Microsoft)