SVCRP Winners 2012

You’ve reached an archived blog post that may be out of date. Please visit the blog homepage for the most current posts.


SVCRP was introduced in 2011 to provide researchers with third-party confirmation of their discoveries and to help coordinate them. We strive to deliver a quick turnaround to researchers from the time a vulnerability report is received to the time the details are confirmed and the vendor contacted. I find that we have been quite successful at that, as our average time to confirm researchers' discoveries – and contact the vendors on their behalf – has been just a bit longer than two business days. Therefore, a big thank you to my team for their extremely efficient handling of the SVCRP submissions.

The two winners of our "Most Valued Contributor 2012" and "Most Interesting Coordination Report 2012" awards, who both – apart from some merchandise showing their achievements – receive paid hotel accommodation and entrance to an IT Security Conference of their choice from some of the world's most popular conferences, including Black Hat Las Vegas.

First of all, we would like to thank all the researchers who have used SVCRP – the Secunia Vulnerability Coordination Reward Program – to coordinate the vulnerabilities discovered throughout 2012.

The winners of SVCRP 2012 are…

The winner of "Most Valued Contributor 2012" is: Parvez Anwar
Parvez Anwar delivers accurate reports that are easy to verify. Parvez has discovered a number of vulnerabilities in several differing products, and we want to reward him for his efforts on bringing us consistent detailed vulnerability reports.

Parvez also won the “Most interesting coordination report 2011” award last year, and it is a real pleasure to be able to award him for his efforts for two consecutive years.

We would also like to give a special mention to Charlie Eriksen, who reported 33 different vulnerabilities in 2012. Thank you, Charlie, for your efforts.

The winner of "Most Interesting Coordination Report 2012" is: Francis Provencher.
Francis Provencher for his discovery of SA50622 #1, a vulnerability in Novell GroupWise, caused by an integer overflow error in GroupWise Internet Agent (gwia.exe).

Congratulations to both Francis Provencher and Parvez Anwar for their excellent research efforts. We will be contacting both winners shortly with more information.

We will also give rewards to other researchers, who have coordinated via SVCRP and distinguished themselves based on e.g. number of coordinated discoveries, quality of reports, and popularity of affected products.

Stay Secure,

Kasper Lindgaard,
Research Manager