Zerodium is a Exploit Vendor Company.This Company Deals on Buying and Selling of Zero-Day Exploit.Today (5 January 2016) , Zerodium announced a New Bug Bounty Program and this is on Adobe’s Flash Player.who ever first delivers working zero-day exploit for bypassing the Flash Player’s Heap Isolation mitigation will get $100,000 bounty.
A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack.
In December,2015 Adobe introduce Some new security technique and one of them is heap isolation that separates data processes inside the computer’s memory. Initial Work on this project was started in July with Flash Player version 18.104.22.168, with Google’s Project Zero developers.
Adobe said “This change will limit the ability for attackers to effectively leverage use-after-free vulnerabilities for exploitation”.
Now Zerodium wants Zero-Day Exploit for Heap Isolation in Flash Player.
- $100,000 this month for an exploit that bypasses heap isolation of Flash Player with a sandbox escape.
- $65,000 for an exploit that bypasses heap isolation of Flash Player without a sandbox escape.
So, anyone wants to earn $100,000
At-last watch a video on ‘what is Zero-day exploit ?’