2011 Pwnie Award Nominees

Best Client-Side Bug

Android web market XSS

Blackberry Pwn2Own exploit

FreeType vulnerability in iOS (CVE-2011-0226)

Google Chrome sandbox bypass

Java mismatched codebase arbitrary code execution (CVE-2010-4452)

Best Privilege Escalation Bug

Linux $ORIGIN privilege escalation (CVE-2010-3847)

Linux kernel set_fs kernel memory overwrite (CVE-2010-4258)

Privilege escalation in CSRSS (CVE-2011-1281)

Windows kernel win32k user-mode callback vulnerabilities (MS11-034)

Best Server-Side Bug

ASP.NET Framework Padding Oracle (CVE-2010-3332)

BSD-derived IPComp encapsulation stack overflow (CVE-2011-1547)

Exim remote code execution flaw (CVE-2010-4344)

ISC dhclient metacharacter injection (CVE-2011-0997)

Microsoft FTP server heap overflow (CVE-2010-3972)

Best Song

#antisec

0-day

Eatin’ Cookies

Hacker Hacker

Help Yourself To My Flaws

LIGATT Rap

Mastering Success And Failure

My Digital Self

The Light It Up Contest

gli anni

Epic 0wnage

Anonymous for hacking HBGary Federal

Bradley Manning and Wikileaks

LulzSec for hacking everyone

Stuxnet

Lamest Vendor Response

Magix Music Maker 16 stack overflow

RSA SecurID token compromise

Remotely exploitable stack overflow in OpenSSH on Novell NetWare

Lifetime Achievement Award

pipacs/PaX Team

Most Epic Fail

Sony

Sony

Sony

Sony

Sony

Most Innovative Research

Black Box Auditing Adobe Shockwave

Securing the Kernel via Static Binary Rewriting and Program Shepherding

Stackjacking

Understanding and Exploiting Flash ActionScript Vulnerabilities

Understanding the LFH heap