[VIM] Blaming product vendors for other vendors' "features"

security curmudgeon jericho at attrition.org
Tue Oct 25 21:39:00 EDT 2005

: But you see this kind of stuff all over the place in A-V, even with 
: corrupted files that are rejected by most - but not all - tools (e.g. 
: CVE-2005-3210 through CVE-2005-3235).
: I think this kind of happened with MS-DOS device names a number of years 
: ago, when it used to cause a blue screen.  Various products had to put 
: in defenses/workarounds to protect themselves against what was basically 
: an OS bug.

Not just a few years ago =)  We're still seeing the classic MS-DOS Device 
Name DoS today.

More information about the VIM mailing list