Major Browsers, Java Hacked on the First Day of Pwn2Own 2013

IE 10, Firefox 19 and the latest version of Chrome stable have been "pwned"

By on March 7th, 2013 14:04 GMT

Considering the large amounts of money being offered at Pwn2Own 2013, we shouldn’t be surprised that most of the web browsers have been hacked on the first day of the competition, held these days in Canada as part of the CanSecWest conference.

So far, Firefox, Internet Explorer 10, Java and Chrome have been broken by the contestants.

French security firm VUPEN announced breaking Internet Explorer 10 on Windows 8, Firefox 19 on Windows 7, and Java.

“We've pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass,” VUPEN wrote on Twitter.

“We've pwned Firefox using a use-after-free and a brand new technique to bypass ASLR/DEP on Win7 without the need of any ROP,” the company said two hours later.

It appears they hacked Java by leveraging a “unique heap overflow as a memory leak to bypass ASLR and as a code execution.”

“ALL our 0days & techniques used at #Pwn2own have been reported to affected software vendors to allow them issue patches and protect users,” VUPEN said.

Experts from MWR Labs have managed to demonstrate a full sandbox bypass exploit against the latest stable version of Chrome.

“By visiting a malicious webpage, it was possible to exploit a vulnerability which allowed us to gain code execution in the context of the sandboxed renderer process,” MWR Labs representatives wrote.

“We also used a kernel vulnerability in the underlying operating system in order to gain elevated privileges and to execute arbitrary commands outside of the sandbox with system privileges.”

Java was also “pwned” by Josh Drake of Accuvant Labs and James Forshaw of Contextis.

Currently, VUPEN is working on breaking Flash, Pham Toan is attempting to hack Internet Explorer 10, and the famous George Hotz is taking a crack at Adobe Reader.

1 Comment