6 bugs para quebrar a sandbox do Chrome

A Google revelou ontem detalhes sobre um dos vencedores da sua "Pwnium browser hacking competition". O ataque envolveu 6 bugs!

A Tale of Two Pwnies (Part 1)
Tuesday, May 22, 2012

"Just over two months ago, Chrome sponsored the Pwnium browser hacking competition. We had two fantastic submissions, and successfully blocked both exploits within 24 hours of their unveiling. Today, we’d like to offer an inside look into the exploit submitted by Pinkie Pie.

So, how does one get full remote code execution in Chrome? In the case of Pinkie Pie’s exploit, it took a chain of six different bugs in order to successfully break out of the Chrome sandbox."