We are a new IT security company based in Italy looking for talented researchers. If you are interested in working project to project with us and maybe get a high paying research job here at our offices in italy please bid on the following task.
It's required to identify a security flaw in one of the following software:
- Microsoft Exchange and Microsoft Servers
- Microsoft Internet Explorer (should work on 6, 7 or 8)
- Microsoft Outlook (should work on 2003 and/or above)
- Microsoft Word (should work on all release major and including Word 2000 til latest beta)
The skilled security programmer is required to find a security vulnerability in one of this software by using the desidered technique (fuzzing for example).
The vulnerability must be exploitable.
The vulnerability must be exploited, meaning that it should be possible to execute (by subverting the application logic) code by exploiting the vulnerability.
The vulnerability must not be publicly available/known.
The exploit demostration should download a file from the net via http and write it in c:\[login to view URL] .
The exploit should work on the latest release of the vulnerable application with all the latest vendor's patches applied.
The exploit should be written in c, c++ or with the Metasploit framework.
Please DO NOT provide public exploit and/or public vulnerability already know in the security community and/or by the software vendor as this will not be a valid bid.
NOTICE on the WARRANTY:
I affirm under penalty of perjury that this will not be used to break any
laws and that it is for the sole purpose of security knowledge and training enhancement within the borders and laws of Italy.
NOTICE on the USAGE:
We are a security company working in security verification and penetration testing consultancy and those tools are used in fully legal activity authorized by customers. Security testing require the usage of tools capable of leaveraging the security sensibility trough results.