Nominees for Pwnie Awards 2013 announced

Nominees for Pwnie Awards 2013 have been announced and this time around there will be a total of eight award categories including best server-side and client-side bug, best privilege escalation, most epic fail and epic 0wnage.

Nominees for the best server-side bug are Ben Murphy for his Ruby on Rails YAML (CVE-2013-0156), Esteban Fayo for Cryptographic flaws in the Oracle Database authentication protocol (CVE-2012-3137) and Greg MacManus for Nginx Overflows (CVE-2013-2028) and CVE-2013-2070) among others.

Best client-side bug nominees are MWRLabs for WebKit SVGElement Type Confusion (CVE-2013-0912) and VUPEN for Adobe Flash Player RegExp Overflow (CVE-2013-0634) including two other unknown nominees.

Most Epic FAIL nominees include CryptoCat, Sophos, Android, U.S. Govt, and nMap. Epic 0wnage nominees are Internet Census 2012, Cyber Fast Track, APT1 pwnage by malware.lu and Joint nomination to Edward Snowden and the NSA. This year’s awards also includes categories such as Lamest Vendor Response but, the winner will be announced directly at the award ceremony scheduled for July 31 at the BlackHat USA conference in Las Vegas.