The developer has found vulnerabilities, wrote PoC-code of an exploit, as well as a detailed description of the error.
Google has paid a $ 31,336 reward to a developer Ralf-Philipp Weinmann, found four dangerous vulnerabilities in the operating system, Chrome OS.
Vulnerabilities have been found in the plugin O3D – a special plug-in that creates an interactive 3D-graphics applications that run in a browser window or in a custom XML-interface.
As noted in a company blog a Google spokesman Ben Henry, an update to Chrome 26, addresses a vulnerability, will be released in the next few days.
According to Henry, the corporation has paid to the developer fee for the detection of a chain of three errors, spelling PoC-exploit code, as well as a detailed description of the vulnerabilities.
Note that the program of remuneration for the detected vulnerabilities in Chrome «the Chromium Vulnerability Rewards Program» minimum payout developers becomes $ 500, but the company usually pays at least $ 1,000, although sometimes there can be times when Google assesses the researchers work in millions of dollars.
A detailed description of vulnerabilities can be found at:
https://malwarelist.net/2013/04/18/multiple-vulnerabilities-in-chrome-os/
