



So today was the second and the last day of the contest and result after the contest have been announced. As far with results day two was much bigger and great day for researcher, as on second day researcher were rewarded $450,000 which is much more then of day 1





On second and the final day of Pwn2Own 2014, researcher managed to find seven security risk against five products. For these seven successful entrants they paid $450,000 to researcher. The total amount till second day was $850,000 (which is excluding the charity donation amounts).





As yesterday, Google Chrome escaped from any kind of the risk, but today researcher reported Two flaws against Chrome browser. The following are the vulnerabilities were successfully presented on second day of Pwn2Own competition:





All the vulnerabilities were disclosed to their respective vendors in the Chamber of Disclosures, and each will be working to address those issues through their respective processes.





You can also watch some of the demonstration of the exploit at Pwn2Own 2014.



Pwn2Own Mozilla Firefox exploit

HP Pwn2Own: Keen Team exploits Safari and Flash

As first day of Pwn2Own contest goes with the record breaking day of reward for researcher where a total of $400,000 have been paid for there effort and research on the number of web browser and on adobe product. A France based security firm name as "VUPEN" have managed to find the most of the security flaws of which they have grabbed a total of $300,000.By an anonymous participant:Against Google Chrome, an arbitrary read/write bug with a sandbox bypass resulting in code execution. Upon review, contest judges declared this a partial win due to one portion of the presentation’s collision with a vulnerability presented earlier at Pwnium.Against Microsoft Internet Explorer, two use-after-free bugs and a kernel bug, resulting in system calculator.Against Apple Safari, a heap overflow along with a sandbox bypass, resulting in code execution.Against Mozilla Firefox, an out-of-bound read/write resulting in code execution.Against Google Chrome, a use-after-free affecting both Blink and WebKit along with a sandbox bypass, resulting in code execution.Against Adobe Flash, a heap overflow with a sandbox bypass, resulting in code execution.