VeriSign’s security company iDefence is offering rewards of $8000 - $12000 for the exposure of remotely exploitable vulnerabilities in Microsofts Windows Vista and Internet Explorer 7. This Quarter 1 challenge offers $8000 to any vulnerability submitted which can allow execution of arbitrary code via remote exploitation, $4000 is offered for working exploit code to accompany the submitted security flaws.
Vulnerability Challenge Ground Rules:
- The vulnerability must be remotely exploitable and must allow arbitrary code execution in a default installation of one of the technologies listed above
- The vulnerability must exist in the latest version of the affected technology with all available patches/upgrades applied
- 'RC' (Release candidate), 'Beta', 'Technology Preview' and similar versions of the listed technologies are not included in this challenge
- The vulnerability must be original and not previously disclosed either publicly or to the vendor by another party
- The vulnerability cannot be caused by or require any additional third party software installed on the target system
- The vulnerability must not require additional social engineering beyond browsing a malicious site
For full details visit the lab at iDefence.