[VIM] verifiable vendor acknowledgement for Orenosv overflows

Steven M. Christey coley at mitre.org
Wed May 18 01:24:11 EDT 2005

Regarding the Orenosv server overflows as reported by SIG^2 in early
May (CAN-2005-1666, forthcoming):


Vendor acknowledgement is claimed in the SIG^2 advisory, and
verifiable by the vendor home page:


The vendor front page includes a Status item for version 0.8.1a, dated
5/7/2005 (obviously May 7 instead of July 5, since this page was
viewed on May 18), which says "Security DoS: Fixed vulnerabilities
reported by Tan Chew Keong" (i.e., SIG^2).

- Steve

More information about the VIM mailing list