Facebook awarded $100,000 to Professors Taesoo Kim and Wenke Lee, along with PhD students Byoungyoung Lee, Chengyu Song for finding a flaw in a new class of browser-based-memory-corruption vulnerabilities that had serious security implications for C++ programs and for building the corresponding detection technique dubbed CAVER.

The group received the social media giant's Internet Defense Prize (IDP) Wednesday, at the 24th USENIX Security Symposium in Washington D.C.

What the team found was nine bad casts in libstdc++ and two bad casts in Firefox. All of the vulnerabilities have since been patched.

This is the second time that Facebook has given out an IDP award. The bounty program was created last year.

Source: SCMagazine