Vupen is known for taking a different tack than most security researchers: The company only reports bugs to vendors that have contracted for its services. In several cases last year and so far in 2011, Vupen has been among the first to break news of a bug in Microsoft's Windows operating system.
Both of Vupen's hacking attempts will be based on unreported vulnerabilities, confirmed Chaouki Bekrar, the company's CEO and head of research.
"To target Safari on Mac OS X Snow Leopard, we will use a highly reliable exploit taking advantage of a critical and unreported vulnerability," Bekrar said in an e-mail reply to questions.
Its hack of IE will be a first of its kind, added Bekrar, because it will bypass the browser's sandbox, dubbed Protected Mode. "This is the first time such a critical weakness has been discovered in Protected Mode," said Bekrar.
Vupen may not get a chance to win the $15,000 prize for IE if Stephen Fewer, who has drawn first shot at Microsoft's browser, succeeds. Fewer is the founder of Harmony Security, and frequently reports bugs to TippingPoint's Zero Day Initiative (ZDI) bounty program.
Last year, Fewer found a critical flaw in IE that Microsoft patched in December.
"Being first [in line] at Pwn2Own is very important," acknowledged Holden. Only the first researcher to successfully exploit each browser or smartphone is eligible for a cash prize.
Holden is looking forward to Pwn2Own, which he said had a break-out 2010.
"We had a groundbreaking year with ZDI last year, and we can directly correlate that with Pwn2Own," said Holden. "It really started for us in April, after [2010's] Pwn2Own. Aaron [Portnoy] and the team came back and the queue was filled with vulnerabilities, good vulnerabilities."
TippingPoint runs the ZDI bug bounty program to acquire unreported vulnerabilities, which it then analyzes so it can add protection against those bugs to the security tools and intrusion prevention system (IPS) appliances HP sells.
In other words, Holden said, the increasing attention paid to Pwn2Own has paid off. Last year, TippingPoint received more than 300 vulnerability submissions, a ZDI record. "Pwn2Own was responsible for that," Holden said.
The company also hired one of the winners from last year -- Peter Vreugdenhil, then an independent Dutch researcher -- based on his skill bypassing Windows 7's anti-exploit defenses, ASLR and DEP. Vreugdenhil, who cannot compete because he now works for TippingPoint, will serve as one of the contest's judges. But Holden declined to say whether another past winner, a German computer science student known only as "Nils," is among the anonymous entries. In 2010, Nils won $10,000 for compromising Firefox on Windows 7, while he walked off with $15,000 the year before for hacking Firefox, Safari and IE8 on the same day.
Sign up for Computerworld eNewsletters.