Monthly Archives: January 2008

IDefense payment for remote heap overflow

I checked my bank account today, and I’ve (finally) been paid for the remote heap overflow I sent in late Novemember.  As you can see, it took a good couple months from initial contact to receiving payment.

 I sent them another bug/vuln a week and a half ago, but I’m not sure if they’ll be interested in buying it, as it’s not a code execution vuln.  They are looking at it though it seems.