CVE-2011-1347: Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
As far as I know this string of exploits is NOT publicly available at the moment, but if you want to read more check out the full story on zdnet.
|Stephen Fewer: If you look closely you can see his brain radiating heat!|
Anytime you get a bunch of geeks together and are giving away free computers and ca$h, it's a pretty good bet that something is gonna break. Nice work Fewer!