[VIM] #2005-0028 typo

security curmudgeon jericho at attrition.org
Tue Jun 14 20:26:41 EDT 2005

>From the advisory:

   - Security Fix: wget allows a remote malicious web server to overwrite
     certain files via a redirection URL containing a ".." that resolves to
     the IP address of the malicious server, which bypasses wget's filtering
     for ".." sequences.
   - wget does not filter or quote control characters when displaying HTTP
     responses to the terminal, which may allow remote malicious web servers
     to inject terminal escape sequences and execute arbitrary code.

     The Common Vulnerabilities and Exposures project (cve.mitre.org) has
     assigned the name CAN-2004-1487 and CAN-2004-1487 to these issues.

This lists the same two CAN designations.

More information about the VIM mailing list