The 2007 Pwnie Nominee For Best Client-Side Bug

QuickTime Java extensions vulnerability(CVE-2007-2175)

Discovered by: Dino Dai Zovi

Dino Dai Zovi set a new land speed record by discovering and exploiting this vulnerability in less than 9 hours for CanSecWest’s PWN2OWN challenge. The bug was exploitable on Windows and OS X via Internet Explorer, Firefox and Safari. For more details check out the following interview.

(CVE-2007-2175)