Pwnie Awards 2017

The 2011 Pwnie Award For Best Client-Side Bug

CVE-2011-0226

Comex

Comex exploited a vulnerability in the interpreter for Type 1 font programs in the FreeType library used by MobileSafari. This exploit is a great example of programming a weird machine to exploit a modern system. Comex used his control over the interpreter to construct a highly sophisticated ROP payload at runtime and bypass the ASLR protection in iOS. Furthermore, the ROP payload exploited a kernel vulnerability to execute code in the kernel and disable code-signing. The exploit was hosted on jailbreakme.com and was successfully used by thousands of people to jailbreak their iOS devices.